From 815da8477db61aec4c1ec6b5b5b918d589284054 Mon Sep 17 00:00:00 2001 From: LouHaina <86720774+LouHaina@users.noreply.github.com> Date: Sat, 24 Feb 2024 15:46:48 +0800 Subject: [PATCH 01/38] Fix statefulset test property_name error (#327) * Fix statefulset test schema type error * Fix statefulSet test property_name error * Fix property name for statefulset update strategy --------- Co-authored-by: Jiawei "Tyler" Gu <47795840+tylergu@users.noreply.github.com> --- acto/input/test_generators/stateful_set.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acto/input/test_generators/stateful_set.py b/acto/input/test_generators/stateful_set.py index 03aaf3da1c..7ee6c478c4 100644 --- a/acto/input/test_generators/stateful_set.py +++ b/acto/input/test_generators/stateful_set.py @@ -62,7 +62,7 @@ def replicas_tests(schema: IntegerSchema) -> list[TestCase]: @test_generator( - property_name="statefulSetUpdateStrategy", priority=Priority.SEMANTIC + property_name="updateStrategy", priority=Priority.SEMANTIC ) def stateful_set_update_strategy_tests(schema: ObjectSchema) -> list[TestCase]: """Generate test cases for StatefulSetUpdateStrategy field""" From 1e1a46f207e13e844a489d8d0c61ed516283ff99 Mon Sep 17 00:00:00 2001 From: Tianyin Xu Date: Sun, 25 Feb 2024 12:05:21 -0600 Subject: [PATCH 02/38] Update bugs.md --- bugs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bugs.md b/bugs.md index 51f259af47..e32a718992 100644 --- a/bugs.md +++ b/bugs.md @@ -90,7 +90,7 @@ | kubernetes/kubernetes | [https://github.com/kubernetes/kubernetes/issues/112609](https://github.com/kubernetes/kubernetes/issues/112609) | confirmed | | runtime/cgo | [https://github.com/golang/go/issues/53958](https://github.com/golang/go/issues/53958) | fixed | -# Unrelated +# Others | Operator | Link | Status | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ------ | | k8ssandra/cass-operator | [https://github.com/k8ssandra/cass-operator/issues/324](https://github.com/k8ssandra/cass-operator/issues/324) | | From 674438f04fa3b1d751dbdd11becbe23045f9accd Mon Sep 17 00:00:00 2001 From: Tianyang Zhou Date: Sun, 25 Feb 2024 12:08:06 -0600 Subject: [PATCH 03/38] Set subprocess.run check to False if returncode is used later (#330) Co-authored-by: Jiawei "Tyler" Gu <47795840+tylergu@users.noreply.github.com> --- acto/kubernetes_engine/kind.py | 8 ++++---- acto/kubernetes_engine/minikube.py | 28 ++++++++++++++-------------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/acto/kubernetes_engine/kind.py b/acto/kubernetes_engine/kind.py index 826ca10793..09dac36752 100644 --- a/acto/kubernetes_engine/kind.py +++ b/acto/kubernetes_engine/kind.py @@ -110,7 +110,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd.extend(["--image", f"kindest/node:{self._k8s_version}"]) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) i = 0 while p.returncode != 0: if i == 3: @@ -122,7 +122,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) try: kubernetes.config.load_kube_config( @@ -154,7 +154,7 @@ def load_images(self, images_archive_path: str, name: str): else: logging.error("Missing cluster name for kind load") - p = subprocess.run(cmd + [images_archive_path], check=True) + p = subprocess.run(cmd + [images_archive_path], check=False) if p.returncode != 0: logging.error("Failed to preload images archive") @@ -171,7 +171,7 @@ def delete_cluster(self, name: str, kubeconfig: str): else: raise RuntimeError("Missing kubeconfig for kind create") - while subprocess.run(cmd, check=True).returncode != 0: + while subprocess.run(cmd, check=False).returncode != 0: continue def get_node_list(self, name: str): diff --git a/acto/kubernetes_engine/minikube.py b/acto/kubernetes_engine/minikube.py index 6041012e7f..400bd7c965 100644 --- a/acto/kubernetes_engine/minikube.py +++ b/acto/kubernetes_engine/minikube.py @@ -69,7 +69,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, - check=True, + check=False, ) i = 0 @@ -83,7 +83,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) # csi driver cmd = ["minikube", "addons", "disable", "storage-provisioner"] @@ -93,7 +93,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, - check=True, + check=False, ) i = 0 print(cmd) @@ -107,7 +107,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) cmd = ["minikube", "addons", "disable", "default-storageclass"] cmd.extend(["--profile", name]) @@ -116,7 +116,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, - check=True, + check=False, ) i = 0 print(cmd) @@ -130,7 +130,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) cmd = ["minikube", "addons", "enable", "volumesnapshots"] cmd.extend(["--profile", name]) @@ -138,7 +138,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, - check=True, + check=False, ) i = 0 print(cmd) @@ -152,7 +152,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) cmd = ["minikube", "addons", "enable", "csi-hostpath-driver"] cmd.extend(["--profile", name]) @@ -160,7 +160,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, - check=True, + check=False, ) i = 0 print(cmd) @@ -174,7 +174,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) cmd = [ "kubectl", @@ -188,7 +188,7 @@ def create_cluster(self, name: str, kubeconfig: str): cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, - check=True, + check=False, ) i = 0 print(cmd) @@ -202,7 +202,7 @@ def create_cluster(self, name: str, kubeconfig: str): i += 1 self.delete_cluster(name, kubeconfig) time.sleep(5) - p = subprocess.run(cmd, check=True) + p = subprocess.run(cmd, check=False) # minikube mount cmd = ["minikube", "mount", "profile/data:/tmp/profile"] @@ -239,7 +239,7 @@ def load_images(self, images_archive_path: str, name: str): else: logging.error("Missing cluster name for minikube load") - p = subprocess.run(cmd + [images_archive_path], check=True) + p = subprocess.run(cmd + [images_archive_path], check=False) if p.returncode != 0: logging.error("Failed to preload images archive") @@ -257,7 +257,7 @@ def delete_cluster(self, name: str, kubeconfig: str): else: raise RuntimeError("Missing kubeconfig for minikube create") - while subprocess.run(cmd, check=True).returncode != 0: + while subprocess.run(cmd, check=False).returncode != 0: continue os.environ.pop("KUBECONFIG", None) From 13fdf39b97369f33beb1d22e57f86f05e649e226 Mon Sep 17 00:00:00 2001 From: Tyler Gu Date: Sun, 25 Feb 2024 19:13:03 -0600 Subject: [PATCH 04/38] Update FAQ in docs Signed-off-by: Tyler Gu --- docs/FAQ.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/docs/FAQ.md b/docs/FAQ.md index 312d7a58f2..7e0cd156e5 100644 --- a/docs/FAQ.md +++ b/docs/FAQ.md @@ -1,4 +1,18 @@ -# Known Limitations +# Frequently Asked Questions + +### Error message: `k8sutil.so: cannot open shared object file: No such file or directory.` + +The `k8sutil.so` is a shared object used by Acto. To produce this shared object, in the acto’s root directory, run `make` + +### Acto only supports deploying operators using YAML files, but my operator is deployed with Helm/Kustomize. How should I write the deploy section of the config file? + You can produce the equivalent YAML files from the Helm chart/Kustomize using the following commands +- [helm template](https://helm.sh/docs/helm/helm_template/) / [helm get manifest](https://helm.sh/docs/helm/helm_get_manifest/) +- [kustomize build](https://kubectl.docs.kubernetes.io/references/kustomize/cmd/build/) +### How do I know which Kubernetes release I should use for my operator (i.e. the `kubernetes_version` field in the config.json)? +You should be able to find the client’s version in the operator’s version control file. For example, Golang operators have `client-go` dependency in their go.mod files. You can use the `client-go`'s version to get the appropriate Kubernetes version following their semver practice: [https://github.com/kubernetes/client-go?tab=readme-ov-file#kubernetes-tags](https://github.com/kubernetes/client-go?tab=readme-ov-file#kubernetes-tags) +### How many have Acto generated for the operator? How many tests are there left? +At the beginning of the `test.log`, you can find a line in the log of the format `Generated %d test cases to run` +To get the number of tests left to run, you can do a keyword search in the log for `Progress [` to get the number of tests left for a worker. ### Failed cluster creation when using the multiple worker functionality by specifying `--num-workers` ([A Known Issue of Kind](https://kind.sigs.k8s.io/docs/user/known-issues/#pod-errors-due-to-too-many-open-files)) From 430927d23c411352c97f2c7c3e11975e629534cb Mon Sep 17 00:00:00 2001 From: Xinze Zheng <112009367+xinze-zheng@users.noreply.github.com> Date: Sun, 25 Feb 2024 19:34:22 -0600 Subject: [PATCH 05/38] Update result collection in port.md (#333) --- docs/port.md | 68 ++++++++++++++++++++++++++++------------------------ 1 file changed, 37 insertions(+), 31 deletions(-) diff --git a/docs/port.md b/docs/port.md index 13e4c34896..b92ab91f28 100644 --- a/docs/port.md +++ b/docs/port.md @@ -888,42 +888,48 @@ You can easily inspect the alarms by importing it into Google Sheet or Excel ## Interpreting Acto's test result -Acto will first generate a test plan using the operator's CRD and the semantic information. -The test plan is serialized at `testrun-cass/testplan.json` (You don't need to manually inspect the `testplan.json`, it is just to give an overview of the tests going to be run). -Note that Acto does not run the tests according to the order in the `testplan.json`, the tests are run in a random order at runtime. - -Acto then constructs the number of Kubernetes clusters according to the `--num-workers` argument, - and start to run tests. -Tests are run in parallel in separate Kubernetes clusters. -Under the `testrun-cass` directory, Acto creates directories `trial-XX-YYYY`. `XX` corresponds to the worker ID, i.e. `XX` ranges from `0` to `3` if there are 4 workers. -`YYYY` starts from `0000`, and Acto increments `YYYY` every time it has to restart the cluster. -This means every step inside the same `trial-xx-yyyy` directory runs in the same instance of Kubernetes cluster. - -Acto takes steps to run the testcases over the previous CR one by one. -One testcase is to change the current CR to provide the next CR to be applied. -Acto starts from the sample CR given from the operator configuration. - -At each step, Acto applies a test case over the existing CR to produce the next CR. -It then uses `kubectl apply` to apply the CR in a declarative fashion. -Acto waits for the operator to reconcile the system to match the CR, - then collects a "snapshot" of the system state at this point of time. -It then runs a collection of oracles(checkers) over the snapshot to detect bugs. -Acto serializes the "snapshot" and the runtime result from the oracles in the `trial-xx-yyyy` directory. - -The schema of the "snapshot" is defined at [acto/snapshot.py](../acto/snapshot.py). -It is serialized to the following files: -- `mutated-*.yaml`: These files are the inputs Acto submitted to Kubernetes to run the state transitions. Concretely, Acto first applies `mutated-0.yaml`, and wait for the system to converge, and then applies `mutated-1.yaml`, and so on. -- `cli-output-*.log` and `operator-*.log`: These two files contain the command line result and operator log after submitting the input. -- `system-state-*.json`: After each step submitting `mutated-*.yaml`, Acto collects the system state and store it as `system-state-*.json`. This file contains the serialized state objects from Kubernetes. +Acto will first generate a test plan using the operator's CRD and the semantic information. The test plan is serialized at `testrun-cass/testplan.json` (You don't need to manually inspect the `testplan.json`, it is just to give an overview of the tests going to be run). Note that Acto does not run the tests according to the order in the `testplan.json`, the tests are run in a random order at runtime. + +Acto then constructs the number of Kubernetes clusters according to the `--num-workers` argument, and start to run tests. Tests are run in parallel in separate Kubernetes clusters. Under the `testrun-cass` directory, Acto creates directories `trial-XX-YYYY`. `XX` corresponds to the worker ID, i.e. `XX` ranges from `0` to `3` if there are 4 workers. `YYYY` starts from `0000`, and Acto increments `YYYY` every time it has to restart the cluster. This means every step inside the same `trial-xx-yyyy` directory runs in the same instance of Kubernetes cluster. + +Acto takes steps to run the testcases over the previous CR one by one. One testcase is to change the current CR to provide the next CR to be applied. Acto starts from the sample CR given from the operator configuration. + +At each step, Acto applies a test case over the existing CR to produce the next CR. It then uses `kubectl apply` to apply the CR in a declarative fashion. Acto waits for the operator to reconcile the system to match the CR, then collects a "snapshot" of the system state at this point of time. It then runs a collection of oracles(checkers) over the snapshot to detect bugs. Acto serializes the "snapshot" and the runtime result from the oracles in the `trial-xx-yyyy` directory. + +The schema of the "snapshot" is defined at [acto/snapshot.py](https://github.com/xlab-uiuc/acto/blob/main/acto/snapshot.py). It is serialized to the following files: + +- `mutated-*.yaml`: These files are the inputs Acto submitted to Kubernetes to run the state transitions. Concretely, Acto first applies `mutated-0.yaml`, and wait for the system to converge, and then applies `mutated-1.yaml`, and so on. +- `cli-output-*.log` and `operator-*.log`: These two files contain the command line result and operator log after submitting the input. +- `system-state-*.json`: After each step submitting `mutated-*.yaml`, Acto collects the system state and store it as `system-state-*.json`. This file contains the serialized state objects from Kubernetes. - `events-*.log`: This file contains the list of detailed Kubernetes event objects happened after each step. -- `not-ready-pod-*.log`: Acto collects the log from pods which are in `unready` state. This information is helpful for debugging the reason the pod crashed or is unhealthy. +- `not-ready-pod-*.log`: Acto collects the log from pods which are in `unready` state. This information is helpful for debugging the reason the pod crashed or is unhealthy. + +The schema of the runtime result is defined at [acto/result.py](https://github.com/xlab-uiuc/acto/blob/main/acto/result.py). It is serialized to the `generation-XXX-runtime.json` files. It mainly includes the result from the oracles: -The schema of the runtime result is defined at [acto/result.py](../acto/result.py). -It is serialized to the `generation-XXX-runtime.json` files. -It mainly includes the result from the oracles: - `crash`: if any container crashed or not - `health`: if any StatefulSet or Deployment is unhealthy, by comparing the ready replicas in status and desired replicas in spec - `consistency`: consistency oracle, checking if the desired system state matches the actual system state - `operator_log`: if the log indicates invalid input - `custom`: result of custom oracles, defined by users - `differential`: if the recovery step is successful after the error state + +### Gathering Test Results + +After Acto finishes all the tests, you can use the following script to collect all the test results into a .csv file and inspect them in Google Sheet. + +Run the following command in the Acto repo, it will produce a csv file under the testrun directory(workdir). +``` +python3 -m acto.post_process.collect_test_result --config OPERATOR_CONFIG --testrun-dir TESTRUN_DIR +``` + +Usage documentation: +``` +usage: collect_test_result.py [-h] --config CONFIG --testrun-dir TESTRUN_DIR + +Collect all test results into a CSV file for analysis. + +options: + -h, --help show this help message and exit + --config CONFIG Path to the operator config file + --testrun-dir TESTRUN_DIR + Path to the testrun dir which contains the testing result From 5b3e29e857cfef750a9bb7000450a3bb88d84bfb Mon Sep 17 00:00:00 2001 From: Tyler Gu Date: Sun, 25 Feb 2024 19:38:52 -0600 Subject: [PATCH 06/38] Backport port instructions from kube-523 Signed-off-by: Tyler Gu --- docs/port.md | 54 ++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 12 deletions(-) diff --git a/docs/port.md b/docs/port.md index b92ab91f28..3173f151fd 100644 --- a/docs/port.md +++ b/docs/port.md @@ -178,7 +178,13 @@ Specify this through the `seed_custom_resource` property in the configuration. For example, cass-operator provides a list of sample CRs in their [repo](https://github.com/k8ssandra/cass-operator/tree/master/config/samples) -Copy one CR into the port directory, and specify the path of the copied CR in the `seed_custom_resource` property +Copy one CR into the port directory, and specify the path of the copied CR in the `seed_custom_resource` property. + +**Important** Please specify the `metadata.name` as `test-cluster` in the CR YAML. + +### Extending and customizing Acto +Please refer to [https://github.com/xlab-uiuc/acto/blob/main/docs/test_generator.md](https://github.com/xlab-uiuc/acto/blob/main/docs/test_generator.md) + ### Providing source code information for whitebox mode (advanced) Acto supports a whitebox mode to enable more accurate testing by utilizing source code information. @@ -859,7 +865,34 @@ First run `make` to build the required shared object: make ``` -Then invoke `acto` +Hold your horses, before launching a full test campaign, you may want to validate that your operator config. You wouldn’t want to run Acto for overnight and realize the operator was crashing all the time. + +### Run the “learn” phase of Acto + +Acto has a pre-flight “learn” phase, which does some first-time information collection and checking. + +To only run the “learn” phase: + +```bash +python3 -m acto --config CONFIG --learn +``` + +It does the following tasks: + +1. Create a “learn” Kubernetes cluster +2. Parse the Operator deployment steps to figure out which namespace the operator is deployed to. +3. Deploy the Operator according to the Deploy section of the operator config. +4. Get the CRD from the Kubernetes cluster, which should be created at step 3. +5. Deploy the CR. +6. Inspect the Kubernetes nodes to get the list of images being used. These images will be preloaded to the Kubernetes nodes during the test campaign to avoid the Docker’s pull rate limit. +7. Conduct pre-flight checking to make sure the system state is at least healthy. It also checks whether the pods have “IfNotPresent” as the ImagePullPolicy. + +At the end, it produces a `context.json` file in the same directory with the seed CR. The context.json file will be used for the actual test campaign, so that the above “learn” phase is only one-time effort. + +### Kick-off Acto’s Test Campaign + +Now you are all set to test your operator! +Invoke `acto` ```sh python3 -m acto --config CONFIG, -c CONFIG @@ -875,16 +908,13 @@ Example: python3 -m acto --config data/cass-operator/config.json --num-workers 4 --workdir testrun-cass ``` -Acto records the runtime information and test result in the workdir. -To focus on the alarms which indicate potential bugs, run -```sh -python3 -m acto.checker.checker --config data/cass-operator/config.json --num-workers 8 --testrun-dir testrun-cass -python3 scripts/feature_results_to_csv.py --testrun-dir testrun-cass -``` -It generates the `result.xlsx` file under the `testrun-cass` which contains - all the oracle results. -You can easily inspect the alarms by importing it into Google Sheet or Excel - and filter by `alarm==True`. +### Babysitting Acto + +Acto is still a research prototype, and it is very likely to have problems when being applied to different operators. + +Since the testing usually takes hours, it is recommended to monitor Acto’s log at the beginning to make sure it does not crash (to avoid the bad experience where you waited for one day to check the result, and realize that Acto crashed after 10 mins after starting). When Acto crashes, it dumps the stacktrace with all the local variable values. Acto prints log at `CRTICIAL` level when it crashes. To check whether Acto has crashed, simply do a keyword search of `CRITICAL` in Acto’s log. + +Acto writes the test log to `{WORKDIR}/test.log` . If you did not specify the `--workdir` command line argument, `{WORKDIR}` would be `testrun-{TIMESTAMP` in the current directory. ## Interpreting Acto's test result From 9f845f45f2cfbf004a027cc65f66d8372313546e Mon Sep 17 00:00:00 2001 From: Tyler Gu Date: Sun, 25 Feb 2024 19:40:54 -0600 Subject: [PATCH 07/38] Link to FAQ in port.md Signed-off-by: Tyler Gu --- docs/port.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/port.md b/docs/port.md index 3173f151fd..b78e6d296e 100644 --- a/docs/port.md +++ b/docs/port.md @@ -948,12 +948,12 @@ The schema of the runtime result is defined at [acto/result.py](https://github. After Acto finishes all the tests, you can use the following script to collect all the test results into a .csv file and inspect them in Google Sheet. Run the following command in the Acto repo, it will produce a csv file under the testrun directory(workdir). -``` +```sh python3 -m acto.post_process.collect_test_result --config OPERATOR_CONFIG --testrun-dir TESTRUN_DIR ``` Usage documentation: -``` +```sh usage: collect_test_result.py [-h] --config CONFIG --testrun-dir TESTRUN_DIR Collect all test results into a CSV file for analysis. @@ -963,3 +963,7 @@ options: --config CONFIG Path to the operator config file --testrun-dir TESTRUN_DIR Path to the testrun dir which contains the testing result +``` + +## FAQ +Please refer to [FAQ](./FAQ.md) for frequently asked questions. From fed230396896b3a3d8f44fdd4bd66ac8f9f38924 Mon Sep 17 00:00:00 2001 From: Tyler Gu Date: Tue, 27 Feb 2024 07:31:59 -0600 Subject: [PATCH 08/38] Add examples for interpreting testing results Signed-off-by: Tyler Gu --- .../false_alarm/events--01.json | 2548 ++ .../false_alarm/events-000.json | 2548 ++ .../false_alarm/events-001.json | 2548 ++ .../false_alarm/events-002.json | 2548 ++ .../false_alarm/generation-000-runtime.json | 17 + .../false_alarm/generation-001-runtime.json | 20 + .../false_alarm/generation-002-runtime.json | 35 + .../false_alarm/mutated--01.yaml | 21 + .../false_alarm/mutated-000.yaml | 18 + .../false_alarm/mutated-001.yaml | 21 + .../false_alarm/mutated-002.yaml | 21 + docs/alarm_examples/false_alarm/result.json | 27 + .../false_alarm/system-state--01.json | 5303 +++ .../false_alarm/system-state-000.json | 5298 +++ .../false_alarm/system-state-001.json | 5303 +++ .../false_alarm/system-state-002.json | 5303 +++ .../misoperation/events--01.json | 11482 ++++++ .../misoperation/events-000.json | 11000 ++++++ .../misoperation/events-001.json | 11482 ++++++ .../misoperation/generation-000-runtime.json | 17 + .../misoperation/generation-001-runtime.json | 22 + .../misoperation/mutated--01.yaml | 40 + .../misoperation/mutated-000.yaml | 40 + .../misoperation/mutated-001.yaml | 49 + docs/alarm_examples/misoperation/result.json | 31594 ++++++++++++++++ .../misoperation/system-state--01.json | 15715 ++++++++ .../misoperation/system-state-000.json | 15823 ++++++++ .../misoperation/system-state-001.json | 15747 ++++++++ .../alarm_examples/true_alarm/events--01.json | 6753 ++++ .../alarm_examples/true_alarm/events-000.json | 6753 ++++ .../alarm_examples/true_alarm/events-001.json | 6753 ++++ .../alarm_examples/true_alarm/events-002.json | 6753 ++++ .../true_alarm/generation-000-runtime.json | 17 + .../true_alarm/generation-001-runtime.json | 20 + .../true_alarm/generation-002-runtime.json | 36 + .../true_alarm/mutated--01.yaml | 31 + .../true_alarm/mutated-000.yaml | 27 + .../true_alarm/mutated-001.yaml | 31 + .../true_alarm/mutated-002.yaml | 30 + docs/alarm_examples/true_alarm/result.json | 28 + .../true_alarm/system-state--01.json | 8503 +++++ .../true_alarm/system-state-000.json | 8501 +++++ .../true_alarm/system-state-001.json | 8503 +++++ .../true_alarm/system-state-002.json | 8501 +++++ docs/port.md | 103 + 45 files changed, 205933 insertions(+) create mode 100644 docs/alarm_examples/false_alarm/events--01.json create mode 100644 docs/alarm_examples/false_alarm/events-000.json create mode 100644 docs/alarm_examples/false_alarm/events-001.json create mode 100644 docs/alarm_examples/false_alarm/events-002.json create mode 100644 docs/alarm_examples/false_alarm/generation-000-runtime.json create mode 100644 docs/alarm_examples/false_alarm/generation-001-runtime.json create mode 100644 docs/alarm_examples/false_alarm/generation-002-runtime.json create mode 100644 docs/alarm_examples/false_alarm/mutated--01.yaml create mode 100644 docs/alarm_examples/false_alarm/mutated-000.yaml create mode 100644 docs/alarm_examples/false_alarm/mutated-001.yaml create mode 100644 docs/alarm_examples/false_alarm/mutated-002.yaml create mode 100644 docs/alarm_examples/false_alarm/result.json create mode 100644 docs/alarm_examples/false_alarm/system-state--01.json create mode 100644 docs/alarm_examples/false_alarm/system-state-000.json create mode 100644 docs/alarm_examples/false_alarm/system-state-001.json create mode 100644 docs/alarm_examples/false_alarm/system-state-002.json create mode 100644 docs/alarm_examples/misoperation/events--01.json create mode 100644 docs/alarm_examples/misoperation/events-000.json create mode 100644 docs/alarm_examples/misoperation/events-001.json create mode 100644 docs/alarm_examples/misoperation/generation-000-runtime.json create mode 100644 docs/alarm_examples/misoperation/generation-001-runtime.json create mode 100644 docs/alarm_examples/misoperation/mutated--01.yaml create mode 100644 docs/alarm_examples/misoperation/mutated-000.yaml create mode 100644 docs/alarm_examples/misoperation/mutated-001.yaml create mode 100644 docs/alarm_examples/misoperation/result.json create mode 100644 docs/alarm_examples/misoperation/system-state--01.json create mode 100644 docs/alarm_examples/misoperation/system-state-000.json create mode 100644 docs/alarm_examples/misoperation/system-state-001.json create mode 100644 docs/alarm_examples/true_alarm/events--01.json create mode 100644 docs/alarm_examples/true_alarm/events-000.json create mode 100644 docs/alarm_examples/true_alarm/events-001.json create mode 100644 docs/alarm_examples/true_alarm/events-002.json create mode 100644 docs/alarm_examples/true_alarm/generation-000-runtime.json create mode 100644 docs/alarm_examples/true_alarm/generation-001-runtime.json create mode 100644 docs/alarm_examples/true_alarm/generation-002-runtime.json create mode 100644 docs/alarm_examples/true_alarm/mutated--01.yaml create mode 100644 docs/alarm_examples/true_alarm/mutated-000.yaml create mode 100644 docs/alarm_examples/true_alarm/mutated-001.yaml create mode 100644 docs/alarm_examples/true_alarm/mutated-002.yaml create mode 100644 docs/alarm_examples/true_alarm/result.json create mode 100644 docs/alarm_examples/true_alarm/system-state--01.json create mode 100644 docs/alarm_examples/true_alarm/system-state-000.json create mode 100644 docs/alarm_examples/true_alarm/system-state-001.json create mode 100644 docs/alarm_examples/true_alarm/system-state-002.json diff --git a/docs/alarm_examples/false_alarm/events--01.json b/docs/alarm_examples/false_alarm/events--01.json new file mode 100644 index 0000000000..16e632cc91 --- /dev/null +++ b/docs/alarm_examples/false_alarm/events--01.json @@ -0,0 +1,2548 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "634", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Successfully assigned acto-namespace/acto-test-operator-zookeeper-operator-f56b66895-xgnpm to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca408ec5fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "639", + "self_link": null, + "uid": "ff7b1e26-f169-40bb-8d30-877ff95b7884" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Container image \"pravega/zookeeper-operator:0.2.13\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5b339e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "645", + "self_link": null, + "uid": "af4237c8-482c-4a91-9f07-65a2534182c7" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Created container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5bd57959", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "646", + "self_link": null, + "uid": "72fa7530-7708-421c-9297-04fa3a3be6e2" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Started container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca61ed46fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "647", + "self_link": null, + "uid": "5602a164-93a5-4f66-b66a-4ece02714a01" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "namespace": "acto-namespace", + "resource_version": "630", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Created pod: acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895.17b79dca4052e4be", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "635", + "self_link": null, + "uid": "6ee37dc4-df87-4770-abef-55b3691dfecc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "resource_version": "629", + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Scaled up replica set acto-test-operator-zookeeper-operator-f56b66895 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator.17b79dca4003ab6e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "632", + "self_link": null, + "uid": "2d4015ca-af0d-4005-8827-0bc6f579875b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "713", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd162b96be9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "724", + "self_link": null, + "uid": "45c592e6-1694-4f42-99e0-576d70145c52" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd163624453", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "730", + "self_link": null, + "uid": "09252211-8156-4897-85f4-3998f35ed4eb" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd1638a33ee", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "731", + "self_link": null, + "uid": "826e7aef-d859-40de-ad79-c7c01906cc7c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:29+00:00", + "message": "Successfully provisioned volume pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd217e0dae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "750", + "self_link": null, + "uid": "dbfce239-64b3-471e-ae2b-4a29d14cc73f" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "790", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4be6cc48a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "792", + "self_link": null, + "uid": "9735ed19-43c9-4d11-98b2-3fbf234d6d59" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bef0fe04", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "798", + "self_link": null, + "uid": "b7e6a67b-3c71-4bd5-bafc-47e6a637232c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bf0ea00b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "e0aee1f2-b70e-4755-9deb-cfc5755f7ab4" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:43+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:43+00:00", + "message": "Successfully provisioned volume pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:43+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd572ce08ba", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "816", + "self_link": null, + "uid": "084a13e4-7cfb-4039-9183-cdc149ca36b6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "922", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8e3900ed", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "925", + "self_link": null, + "uid": "725b9f90-18af-46c6-83a1-137686873162" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8efbe69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "933", + "self_link": null, + "uid": "a4d9bfb8-32c1-4b71-9058-bb50b2e9e883" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8f17b52b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "932", + "self_link": null, + "uid": "235eaf18-ef17-410d-9c44-430a967575bc" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:30+00:00", + "message": "Successfully provisioned volume pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2.17b79de04397f99a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "949", + "self_link": null, + "uid": "03571a51-b4ff-481c-80d9-97ef86dbd20d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "717", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-0 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd251d6b72b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "754", + "self_link": null, + "uid": "1d17a557-20b4-4825-8a80-a40757a16ec4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26be37759", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "757", + "self_link": null, + "uid": "6d042fda-39f1-4ec5-ad84-2163c3ab5592" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26cb2f343", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "758", + "self_link": null, + "uid": "ec2f645c-96de-4947-b9b0-66b5c4b708e5" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26ffabb2d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "e95459b0-a660-4b76-936a-6b670a26d126" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:44+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "793", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:44+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:44+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ad662880", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "823", + "self_link": null, + "uid": "4f1a0a60-39a4-4f58-807d-b544ace4698f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c858ec4e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "886", + "self_link": null, + "uid": "fc358a78-7bb9-4623-8c50-c2771b372f84" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c91c4855", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "887", + "self_link": null, + "uid": "8497d7a2-e806-43d9-973b-e7f21e9b16a8" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ceed7cd1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "2556d3e9-2d26-4960-a3ee-165fb381f14a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:46+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:55+00:00", + "message": "Back-off restarting failed container zookeeper in pod test-cluster-1_acto-namespace(29624fa3-b1bd-4a49-b9ce-4a745541e131)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:46+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:55+00:00" + } + ], + "name": "test-cluster-1.17b79dd627ac2e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "860", + "self_link": null, + "uid": "185e690a-45d2-4df2-aa59-daaec7c54a2a" + }, + "reason": "BackOff", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "923", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-2 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de07d83511b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "859a39a5-19da-4ea8-af1f-f702185feb45" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097006518", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "958", + "self_link": null, + "uid": "e81eedcf-05ce-498b-91e0-8f6b08f6b1b5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097cb07d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "959", + "self_link": null, + "uid": "5b74845d-c792-4b39-8bd2-a3bef95485ad" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de09b18fe20", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "960", + "self_link": null, + "uid": "2b36ae2f-d8f3-49a6-8e20-d7a96be671b6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Claim data-test-cluster-0 Pod test-cluster-0 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162bce985", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "dcd1c841-8380-4444-92c5-bfdd6d91f8f1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Pod test-cluster-0 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162ee974b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "721", + "self_link": null, + "uid": "7fa7f738-bdb9-4562-995a-6b339cdd9e6d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Claim data-test-cluster-1 Pod test-cluster-1 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4be6f5aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "791", + "self_link": null, + "uid": "b720cd6e-0f98-4a88-b7e9-6ab2e3c8e676" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Pod test-cluster-1 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4bea779c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "794", + "self_link": null, + "uid": "9117e0bf-ee35-4550-bf49-7d2543e34852" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Claim data-test-cluster-2 Pod test-cluster-2 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8e37d9b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "924", + "self_link": null, + "uid": "9370e11f-feb7-446b-b92f-e7fdabd2625b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Pod test-cluster-2 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8eaf7d78", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "926", + "self_link": null, + "uid": "3cbb14b6-0a7f-41b8-9942-95744d02f9b1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "1272", + "self_link": null + } +} diff --git a/docs/alarm_examples/false_alarm/events-000.json b/docs/alarm_examples/false_alarm/events-000.json new file mode 100644 index 0000000000..335cf806f9 --- /dev/null +++ b/docs/alarm_examples/false_alarm/events-000.json @@ -0,0 +1,2548 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "634", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Successfully assigned acto-namespace/acto-test-operator-zookeeper-operator-f56b66895-xgnpm to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca408ec5fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "639", + "self_link": null, + "uid": "ff7b1e26-f169-40bb-8d30-877ff95b7884" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Container image \"pravega/zookeeper-operator:0.2.13\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5b339e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "645", + "self_link": null, + "uid": "af4237c8-482c-4a91-9f07-65a2534182c7" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Created container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5bd57959", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "646", + "self_link": null, + "uid": "72fa7530-7708-421c-9297-04fa3a3be6e2" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Started container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca61ed46fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "647", + "self_link": null, + "uid": "5602a164-93a5-4f66-b66a-4ece02714a01" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "namespace": "acto-namespace", + "resource_version": "630", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Created pod: acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895.17b79dca4052e4be", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "635", + "self_link": null, + "uid": "6ee37dc4-df87-4770-abef-55b3691dfecc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "resource_version": "629", + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Scaled up replica set acto-test-operator-zookeeper-operator-f56b66895 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator.17b79dca4003ab6e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "632", + "self_link": null, + "uid": "2d4015ca-af0d-4005-8827-0bc6f579875b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "713", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd162b96be9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "724", + "self_link": null, + "uid": "45c592e6-1694-4f42-99e0-576d70145c52" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd163624453", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "730", + "self_link": null, + "uid": "09252211-8156-4897-85f4-3998f35ed4eb" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd1638a33ee", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "731", + "self_link": null, + "uid": "826e7aef-d859-40de-ad79-c7c01906cc7c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:29+00:00", + "message": "Successfully provisioned volume pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd217e0dae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "750", + "self_link": null, + "uid": "dbfce239-64b3-471e-ae2b-4a29d14cc73f" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "790", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4be6cc48a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "792", + "self_link": null, + "uid": "9735ed19-43c9-4d11-98b2-3fbf234d6d59" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bef0fe04", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "798", + "self_link": null, + "uid": "b7e6a67b-3c71-4bd5-bafc-47e6a637232c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bf0ea00b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "e0aee1f2-b70e-4755-9deb-cfc5755f7ab4" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:43+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:43+00:00", + "message": "Successfully provisioned volume pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:43+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd572ce08ba", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "816", + "self_link": null, + "uid": "084a13e4-7cfb-4039-9183-cdc149ca36b6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "922", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8e3900ed", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "925", + "self_link": null, + "uid": "725b9f90-18af-46c6-83a1-137686873162" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8efbe69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "933", + "self_link": null, + "uid": "a4d9bfb8-32c1-4b71-9058-bb50b2e9e883" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8f17b52b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "932", + "self_link": null, + "uid": "235eaf18-ef17-410d-9c44-430a967575bc" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:30+00:00", + "message": "Successfully provisioned volume pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2.17b79de04397f99a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "949", + "self_link": null, + "uid": "03571a51-b4ff-481c-80d9-97ef86dbd20d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "717", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-0 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd251d6b72b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "754", + "self_link": null, + "uid": "1d17a557-20b4-4825-8a80-a40757a16ec4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26be37759", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "757", + "self_link": null, + "uid": "6d042fda-39f1-4ec5-ad84-2163c3ab5592" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26cb2f343", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "758", + "self_link": null, + "uid": "ec2f645c-96de-4947-b9b0-66b5c4b708e5" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26ffabb2d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "e95459b0-a660-4b76-936a-6b670a26d126" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:44+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "793", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:44+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:44+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ad662880", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "823", + "self_link": null, + "uid": "4f1a0a60-39a4-4f58-807d-b544ace4698f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c858ec4e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "886", + "self_link": null, + "uid": "fc358a78-7bb9-4623-8c50-c2771b372f84" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c91c4855", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "887", + "self_link": null, + "uid": "8497d7a2-e806-43d9-973b-e7f21e9b16a8" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ceed7cd1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "2556d3e9-2d26-4960-a3ee-165fb381f14a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:46+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:55+00:00", + "message": "Back-off restarting failed container zookeeper in pod test-cluster-1_acto-namespace(29624fa3-b1bd-4a49-b9ce-4a745541e131)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:46+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:55+00:00" + } + ], + "name": "test-cluster-1.17b79dd627ac2e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "860", + "self_link": null, + "uid": "185e690a-45d2-4df2-aa59-daaec7c54a2a" + }, + "reason": "BackOff", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "923", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-2 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de07d83511b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "859a39a5-19da-4ea8-af1f-f702185feb45" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097006518", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "958", + "self_link": null, + "uid": "e81eedcf-05ce-498b-91e0-8f6b08f6b1b5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097cb07d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "959", + "self_link": null, + "uid": "5b74845d-c792-4b39-8bd2-a3bef95485ad" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de09b18fe20", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "960", + "self_link": null, + "uid": "2b36ae2f-d8f3-49a6-8e20-d7a96be671b6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Claim data-test-cluster-0 Pod test-cluster-0 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162bce985", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "dcd1c841-8380-4444-92c5-bfdd6d91f8f1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Pod test-cluster-0 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162ee974b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "721", + "self_link": null, + "uid": "7fa7f738-bdb9-4562-995a-6b339cdd9e6d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Claim data-test-cluster-1 Pod test-cluster-1 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4be6f5aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "791", + "self_link": null, + "uid": "b720cd6e-0f98-4a88-b7e9-6ab2e3c8e676" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Pod test-cluster-1 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4bea779c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "794", + "self_link": null, + "uid": "9117e0bf-ee35-4550-bf49-7d2543e34852" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Claim data-test-cluster-2 Pod test-cluster-2 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8e37d9b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "924", + "self_link": null, + "uid": "9370e11f-feb7-446b-b92f-e7fdabd2625b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Pod test-cluster-2 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8eaf7d78", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "926", + "self_link": null, + "uid": "3cbb14b6-0a7f-41b8-9942-95744d02f9b1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "1047", + "self_link": null + } +} diff --git a/docs/alarm_examples/false_alarm/events-001.json b/docs/alarm_examples/false_alarm/events-001.json new file mode 100644 index 0000000000..ff5f4ee96b --- /dev/null +++ b/docs/alarm_examples/false_alarm/events-001.json @@ -0,0 +1,2548 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "634", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Successfully assigned acto-namespace/acto-test-operator-zookeeper-operator-f56b66895-xgnpm to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca408ec5fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "639", + "self_link": null, + "uid": "ff7b1e26-f169-40bb-8d30-877ff95b7884" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Container image \"pravega/zookeeper-operator:0.2.13\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5b339e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "645", + "self_link": null, + "uid": "af4237c8-482c-4a91-9f07-65a2534182c7" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Created container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5bd57959", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "646", + "self_link": null, + "uid": "72fa7530-7708-421c-9297-04fa3a3be6e2" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Started container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca61ed46fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "647", + "self_link": null, + "uid": "5602a164-93a5-4f66-b66a-4ece02714a01" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "namespace": "acto-namespace", + "resource_version": "630", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Created pod: acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895.17b79dca4052e4be", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "635", + "self_link": null, + "uid": "6ee37dc4-df87-4770-abef-55b3691dfecc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "resource_version": "629", + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Scaled up replica set acto-test-operator-zookeeper-operator-f56b66895 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator.17b79dca4003ab6e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "632", + "self_link": null, + "uid": "2d4015ca-af0d-4005-8827-0bc6f579875b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "713", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd162b96be9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "724", + "self_link": null, + "uid": "45c592e6-1694-4f42-99e0-576d70145c52" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd163624453", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "730", + "self_link": null, + "uid": "09252211-8156-4897-85f4-3998f35ed4eb" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd1638a33ee", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "731", + "self_link": null, + "uid": "826e7aef-d859-40de-ad79-c7c01906cc7c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:29+00:00", + "message": "Successfully provisioned volume pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd217e0dae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "750", + "self_link": null, + "uid": "dbfce239-64b3-471e-ae2b-4a29d14cc73f" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "790", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4be6cc48a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "792", + "self_link": null, + "uid": "9735ed19-43c9-4d11-98b2-3fbf234d6d59" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bef0fe04", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "798", + "self_link": null, + "uid": "b7e6a67b-3c71-4bd5-bafc-47e6a637232c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bf0ea00b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "e0aee1f2-b70e-4755-9deb-cfc5755f7ab4" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:43+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:43+00:00", + "message": "Successfully provisioned volume pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:43+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd572ce08ba", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "816", + "self_link": null, + "uid": "084a13e4-7cfb-4039-9183-cdc149ca36b6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "922", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8e3900ed", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "925", + "self_link": null, + "uid": "725b9f90-18af-46c6-83a1-137686873162" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8efbe69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "933", + "self_link": null, + "uid": "a4d9bfb8-32c1-4b71-9058-bb50b2e9e883" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8f17b52b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "932", + "self_link": null, + "uid": "235eaf18-ef17-410d-9c44-430a967575bc" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:30+00:00", + "message": "Successfully provisioned volume pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2.17b79de04397f99a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "949", + "self_link": null, + "uid": "03571a51-b4ff-481c-80d9-97ef86dbd20d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "717", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-0 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd251d6b72b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "754", + "self_link": null, + "uid": "1d17a557-20b4-4825-8a80-a40757a16ec4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26be37759", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "757", + "self_link": null, + "uid": "6d042fda-39f1-4ec5-ad84-2163c3ab5592" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26cb2f343", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "758", + "self_link": null, + "uid": "ec2f645c-96de-4947-b9b0-66b5c4b708e5" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26ffabb2d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "e95459b0-a660-4b76-936a-6b670a26d126" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:44+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "793", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:44+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:44+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ad662880", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "823", + "self_link": null, + "uid": "4f1a0a60-39a4-4f58-807d-b544ace4698f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c858ec4e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "886", + "self_link": null, + "uid": "fc358a78-7bb9-4623-8c50-c2771b372f84" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c91c4855", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "887", + "self_link": null, + "uid": "8497d7a2-e806-43d9-973b-e7f21e9b16a8" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ceed7cd1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "2556d3e9-2d26-4960-a3ee-165fb381f14a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:46+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:55+00:00", + "message": "Back-off restarting failed container zookeeper in pod test-cluster-1_acto-namespace(29624fa3-b1bd-4a49-b9ce-4a745541e131)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:46+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:55+00:00" + } + ], + "name": "test-cluster-1.17b79dd627ac2e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "860", + "self_link": null, + "uid": "185e690a-45d2-4df2-aa59-daaec7c54a2a" + }, + "reason": "BackOff", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "923", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-2 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de07d83511b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "859a39a5-19da-4ea8-af1f-f702185feb45" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097006518", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "958", + "self_link": null, + "uid": "e81eedcf-05ce-498b-91e0-8f6b08f6b1b5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097cb07d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "959", + "self_link": null, + "uid": "5b74845d-c792-4b39-8bd2-a3bef95485ad" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de09b18fe20", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "960", + "self_link": null, + "uid": "2b36ae2f-d8f3-49a6-8e20-d7a96be671b6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Claim data-test-cluster-0 Pod test-cluster-0 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162bce985", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "dcd1c841-8380-4444-92c5-bfdd6d91f8f1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Pod test-cluster-0 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162ee974b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "721", + "self_link": null, + "uid": "7fa7f738-bdb9-4562-995a-6b339cdd9e6d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Claim data-test-cluster-1 Pod test-cluster-1 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4be6f5aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "791", + "self_link": null, + "uid": "b720cd6e-0f98-4a88-b7e9-6ab2e3c8e676" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Pod test-cluster-1 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4bea779c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "794", + "self_link": null, + "uid": "9117e0bf-ee35-4550-bf49-7d2543e34852" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Claim data-test-cluster-2 Pod test-cluster-2 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8e37d9b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "924", + "self_link": null, + "uid": "9370e11f-feb7-446b-b92f-e7fdabd2625b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Pod test-cluster-2 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8eaf7d78", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "926", + "self_link": null, + "uid": "3cbb14b6-0a7f-41b8-9942-95744d02f9b1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "1122", + "self_link": null + } +} diff --git a/docs/alarm_examples/false_alarm/events-002.json b/docs/alarm_examples/false_alarm/events-002.json new file mode 100644 index 0000000000..9097b8589a --- /dev/null +++ b/docs/alarm_examples/false_alarm/events-002.json @@ -0,0 +1,2548 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "634", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Successfully assigned acto-namespace/acto-test-operator-zookeeper-operator-f56b66895-xgnpm to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca408ec5fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "639", + "self_link": null, + "uid": "ff7b1e26-f169-40bb-8d30-877ff95b7884" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Container image \"pravega/zookeeper-operator:0.2.13\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5b339e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "645", + "self_link": null, + "uid": "af4237c8-482c-4a91-9f07-65a2534182c7" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Created container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca5bd57959", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "646", + "self_link": null, + "uid": "72fa7530-7708-421c-9297-04fa3a3be6e2" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:56+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{acto-test-operator-zookeeper-operator}", + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "resource_version": "636", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:56+00:00", + "message": "Started container acto-test-operator-zookeeper-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm.17b79dca61ed46fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "647", + "self_link": null, + "uid": "5602a164-93a5-4f66-b66a-4ece02714a01" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "namespace": "acto-namespace", + "resource_version": "630", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Created pod: acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895.17b79dca4052e4be", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "635", + "self_link": null, + "uid": "6ee37dc4-df87-4770-abef-55b3691dfecc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:27:55+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "resource_version": "629", + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:27:55+00:00", + "message": "Scaled up replica set acto-test-operator-zookeeper-operator-f56b66895 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator.17b79dca4003ab6e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "632", + "self_link": null, + "uid": "2d4015ca-af0d-4005-8827-0bc6f579875b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "713", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd162b96be9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "724", + "self_link": null, + "uid": "45c592e6-1694-4f42-99e0-576d70145c52" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd163624453", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "730", + "self_link": null, + "uid": "09252211-8156-4897-85f4-3998f35ed4eb" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd1638a33ee", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "731", + "self_link": null, + "uid": "826e7aef-d859-40de-ad79-c7c01906cc7c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "725", + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:29+00:00", + "message": "Successfully provisioned volume pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0.17b79dd217e0dae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "750", + "self_link": null, + "uid": "dbfce239-64b3-471e-ae2b-4a29d14cc73f" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "790", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4be6cc48a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "792", + "self_link": null, + "uid": "9735ed19-43c9-4d11-98b2-3fbf234d6d59" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bef0fe04", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "798", + "self_link": null, + "uid": "b7e6a67b-3c71-4bd5-bafc-47e6a637232c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd4bf0ea00b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "e0aee1f2-b70e-4755-9deb-cfc5755f7ab4" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:43+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "797", + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:43+00:00", + "message": "Successfully provisioned volume pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:43+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1.17b79dd572ce08ba", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "816", + "self_link": null, + "uid": "084a13e4-7cfb-4039-9183-cdc149ca36b6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "922", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8e3900ed", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "925", + "self_link": null, + "uid": "725b9f90-18af-46c6-83a1-137686873162" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8efbe69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "933", + "self_link": null, + "uid": "a4d9bfb8-32c1-4b71-9058-bb50b2e9e883" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/data-test-cluster-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "data-test-cluster-2.17b79ddf8f17b52b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "932", + "self_link": null, + "uid": "235eaf18-ef17-410d-9c44-430a967575bc" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "929", + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:30+00:00", + "message": "Successfully provisioned volume pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2.17b79de04397f99a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "949", + "self_link": null, + "uid": "03571a51-b4ff-481c-80d9-97ef86dbd20d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-s94nx_c074f479-9dbc-432e-a14c-40b662177b7e", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "717", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-0 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd251d6b72b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "754", + "self_link": null, + "uid": "1d17a557-20b4-4825-8a80-a40757a16ec4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26be37759", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "757", + "self_link": null, + "uid": "6d042fda-39f1-4ec5-ad84-2163c3ab5592" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26cb2f343", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "758", + "self_link": null, + "uid": "ec2f645c-96de-4947-b9b0-66b5c4b708e5" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": "753", + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:30+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:30+00:00" + } + ], + "name": "test-cluster-0.17b79dd26ffabb2d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "e95459b0-a660-4b76-936a-6b670a26d126" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:44+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "793", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:44+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:44+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ad662880", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "823", + "self_link": null, + "uid": "4f1a0a60-39a4-4f58-807d-b544ace4698f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c858ec4e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "886", + "self_link": null, + "uid": "fc358a78-7bb9-4623-8c50-c2771b372f84" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5c91c4855", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "887", + "self_link": null, + "uid": "8497d7a2-e806-43d9-973b-e7f21e9b16a8" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:45+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:11+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:45+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:11+00:00" + } + ], + "name": "test-cluster-1.17b79dd5ceed7cd1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "2556d3e9-2d26-4960-a3ee-165fb381f14a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:46+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": "822", + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:55+00:00", + "message": "Back-off restarting failed container zookeeper in pod test-cluster-1_acto-namespace(29624fa3-b1bd-4a49-b9ce-4a745541e131)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:46+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:55+00:00" + } + ], + "name": "test-cluster-1.17b79dd627ac2e4b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "860", + "self_link": null, + "uid": "185e690a-45d2-4df2-aa59-daaec7c54a2a" + }, + "reason": "BackOff", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "923", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-2 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de07d83511b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "859a39a5-19da-4ea8-af1f-f702185feb45" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Container image \"pravega/zookeeper:0.2.14\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097006518", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "958", + "self_link": null, + "uid": "e81eedcf-05ce-498b-91e0-8f6b08f6b1b5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Created container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de097cb07d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "959", + "self_link": null, + "uid": "5b74845d-c792-4b39-8bd2-a3bef95485ad" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{zookeeper}", + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": "955", + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:31+00:00", + "message": "Started container zookeeper", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:31+00:00" + } + ], + "name": "test-cluster-2.17b79de09b18fe20", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "960", + "self_link": null, + "uid": "2b36ae2f-d8f3-49a6-8e20-d7a96be671b6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Claim data-test-cluster-0 Pod test-cluster-0 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162bce985", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "dcd1c841-8380-4444-92c5-bfdd6d91f8f1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "707", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:26+00:00", + "message": "create Pod test-cluster-0 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster.17b79dd162ee974b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "721", + "self_link": null, + "uid": "7fa7f738-bdb9-4562-995a-6b339cdd9e6d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Claim data-test-cluster-1 Pod test-cluster-1 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4be6f5aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "791", + "self_link": null, + "uid": "b720cd6e-0f98-4a88-b7e9-6ab2e3c8e676" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:28:40+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "740", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:28:40+00:00", + "message": "create Pod test-cluster-1 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster.17b79dd4bea779c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "794", + "self_link": null, + "uid": "9117e0bf-ee35-4550-bf49-7d2543e34852" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Claim data-test-cluster-2 Pod test-cluster-2 in StatefulSet test-cluster success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8e37d9b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "924", + "self_link": null, + "uid": "9370e11f-feb7-446b-b92f-e7fdabd2625b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T04:29:27+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "820", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "kind": null, + "last_timestamp": "2024-02-27T04:29:27+00:00", + "message": "create Pod test-cluster-2 in StatefulSet test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster.17b79ddf8eaf7d78", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "926", + "self_link": null, + "uid": "3cbb14b6-0a7f-41b8-9942-95744d02f9b1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "1195", + "self_link": null + } +} diff --git a/docs/alarm_examples/false_alarm/generation-000-runtime.json b/docs/alarm_examples/false_alarm/generation-000-runtime.json new file mode 100644 index 0000000000..2d61d68658 --- /dev/null +++ b/docs/alarm_examples/false_alarm/generation-000-runtime.json @@ -0,0 +1,17 @@ +{ + "testcase": {}, + "step_id": { + "trial": "testrun-2024-02-26-22-27/trial-00-0000", + "generation": 0 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": null, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/false_alarm/generation-001-runtime.json b/docs/alarm_examples/false_alarm/generation-001-runtime.json new file mode 100644 index 0000000000..6b718cd40f --- /dev/null +++ b/docs/alarm_examples/false_alarm/generation-001-runtime.json @@ -0,0 +1,20 @@ +{ + "testcase": { + "field": "[\"spec\"]", + "testcase": "step-1" + }, + "step_id": { + "trial": "testrun-2024-02-26-22-27/trial-00-0000", + "generation": 1 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": null, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/false_alarm/generation-002-runtime.json b/docs/alarm_examples/false_alarm/generation-002-runtime.json new file mode 100644 index 0000000000..c9c905f373 --- /dev/null +++ b/docs/alarm_examples/false_alarm/generation-002-runtime.json @@ -0,0 +1,35 @@ +{ + "testcase": { + "field": "[\"spec\"]", + "testcase": "step-2" + }, + "step_id": { + "trial": "testrun-2024-02-26-22-27/trial-00-0000", + "generation": 2 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": { + "message": "Found no matching fields for input", + "input_diff": { + "prev": "1Gi", + "curr": "2Gi", + "path": { + "path": [ + "spec", + "ephemeral", + "emptydirvolumesource", + "sizeLimit" + ] + } + }, + "system_state_diff": null + }, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/false_alarm/mutated--01.yaml b/docs/alarm_examples/false_alarm/mutated--01.yaml new file mode 100644 index 0000000000..26aa053934 --- /dev/null +++ b/docs/alarm_examples/false_alarm/mutated--01.yaml @@ -0,0 +1,21 @@ +apiVersion: zookeeper.pravega.io/v1beta1 +kind: ZookeeperCluster +metadata: + name: test-cluster +spec: + ephemeral: + emptydirvolumesource: + sizeLimit: 1Gi + image: + pullPolicy: IfNotPresent + repository: pravega/zookeeper + tag: 0.2.14 + persistence: + reclaimPolicy: Delete + spec: + resources: + requests: + storage: 20Gi + storageClassName: standard + replicas: 3 + storageType: persistence diff --git a/docs/alarm_examples/false_alarm/mutated-000.yaml b/docs/alarm_examples/false_alarm/mutated-000.yaml new file mode 100644 index 0000000000..637bd143f5 --- /dev/null +++ b/docs/alarm_examples/false_alarm/mutated-000.yaml @@ -0,0 +1,18 @@ +apiVersion: zookeeper.pravega.io/v1beta1 +kind: ZookeeperCluster +metadata: + name: test-cluster +spec: + image: + pullPolicy: IfNotPresent + repository: pravega/zookeeper + tag: 0.2.14 + persistence: + reclaimPolicy: Delete + spec: + resources: + requests: + storage: 20Gi + storageClassName: standard + replicas: 3 + storageType: persistence diff --git a/docs/alarm_examples/false_alarm/mutated-001.yaml b/docs/alarm_examples/false_alarm/mutated-001.yaml new file mode 100644 index 0000000000..26aa053934 --- /dev/null +++ b/docs/alarm_examples/false_alarm/mutated-001.yaml @@ -0,0 +1,21 @@ +apiVersion: zookeeper.pravega.io/v1beta1 +kind: ZookeeperCluster +metadata: + name: test-cluster +spec: + ephemeral: + emptydirvolumesource: + sizeLimit: 1Gi + image: + pullPolicy: IfNotPresent + repository: pravega/zookeeper + tag: 0.2.14 + persistence: + reclaimPolicy: Delete + spec: + resources: + requests: + storage: 20Gi + storageClassName: standard + replicas: 3 + storageType: persistence diff --git a/docs/alarm_examples/false_alarm/mutated-002.yaml b/docs/alarm_examples/false_alarm/mutated-002.yaml new file mode 100644 index 0000000000..ae975cee8d --- /dev/null +++ b/docs/alarm_examples/false_alarm/mutated-002.yaml @@ -0,0 +1,21 @@ +apiVersion: zookeeper.pravega.io/v1beta1 +kind: ZookeeperCluster +metadata: + name: test-cluster +spec: + ephemeral: + emptydirvolumesource: + sizeLimit: 2Gi + image: + pullPolicy: IfNotPresent + repository: pravega/zookeeper + tag: 0.2.14 + persistence: + reclaimPolicy: Delete + spec: + resources: + requests: + storage: 20Gi + storageClassName: standard + replicas: 3 + storageType: persistence diff --git a/docs/alarm_examples/false_alarm/result.json b/docs/alarm_examples/false_alarm/result.json new file mode 100644 index 0000000000..2dcb9822d1 --- /dev/null +++ b/docs/alarm_examples/false_alarm/result.json @@ -0,0 +1,27 @@ +{ + "trial_id": "trial-00-0000", + "duration": 248.0545175075531, + "error": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": { + "message": "Found no matching fields for input", + "input_diff": { + "prev": "1Gi", + "curr": "2Gi", + "path": { + "path": [ + "spec", + "ephemeral", + "emptydirvolumesource", + "sizeLimit" + ] + } + }, + "system_state_diff": null + }, + "differential": null, + "custom": null + } +} diff --git a/docs/alarm_examples/false_alarm/system-state--01.json b/docs/alarm_examples/false_alarm/system-state--01.json new file mode 100644 index 0000000000..f668a35fec --- /dev/null +++ b/docs/alarm_examples/false_alarm/system-state--01.json @@ -0,0 +1,5303 @@ +{ + "pod": { + "test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "783", + "self_link": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-g8nxm", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-g8nxm", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f6e8919acaa36a02cfb7e5f5e68ab4086c9b3c8bd71657f71cd1f1d9f0af0622", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:28:30+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.4", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:30+00:00" + } + }, + "test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "915", + "self_link": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kv8hc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kv8hc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e0a062004552de47c60046b989f1895b7fd8df9e6dffda07ab02e9326a1d76d4", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://23f059b1f43bedd626d3cd6572c9bd3cf950577dac1e4209545207d1540ad758", + "exit_code": 1, + "finished_at": "2024-02-27T04:28:45+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T04:28:45+00:00" + }, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 2, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:11+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:44+00:00" + } + }, + "test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "987", + "self_link": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9wbg7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9wbg7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://d57a3d1981f648b551655d791a54b27c3cdb626d2ef55805831096a0d0045743", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:31+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:29:31+00:00" + } + } + }, + "deployment_pods": { + "acto-test-operator-zookeeper-operator": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "acto-test-operator-zookeeper-operator-f56b66895-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator", + "pod-template-hash": "f56b66895" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:component": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"1b23e2bb-3559-4aa5-81e0-684e828d90ab\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + } + ], + "resource_version": "652", + "self_link": null, + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7lxg6", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7lxg6", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://93da00e688354f4c1ae4d78bcb1c5f713d2335e11845ffb4fa52cfc5134ce058", + "image": "docker.io/pravega/zookeeper-operator:0.2.13", + "image_id": "docker.io/library/import-2024-02-27@sha256:136c9853896b8cec99ef856a29284fbc599a5d73df3a5279be744b776a322ab8", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "acto-test-operator-zookeeper-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:27:56+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:27:55+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app": "test-cluster", + "owner-rv": "1197", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:kind": {}, + "f:release": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:31:48+00:00" + } + ], + "name": "test-cluster", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "1198", + "self_link": null, + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "OrderedReady", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app": "test-cluster" + } + }, + "service_name": "test-cluster-headless", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster", + "generation": null, + "labels": { + "app": "test-cluster", + "kind": "ZookeeperMember", + "release": "test-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": null, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": null, + "name": "data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-66f4d88fc7", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-66f4d88fc7", + "updated_replicas": 3 + } + } + }, + "deployment": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1" + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {}, + "f:component": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {} + } + } + } + }, + "f:serviceAccountName": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:00+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "658", + "self_link": null, + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "name": "acto-test-operator-zookeeper-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T04:27:57+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T04:27:55+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "ReplicaSet \"acto-test-operator-zookeeper-operator-f56b66895\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 1, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIGAg7H0YfUXcwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwNDIyMTRaFw0zNDAyMjQwNDI3MTRaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCdxmB3VLnTJXedH5C0njbMX4+k8Rot/abG3gOhbDMzj9SeNVGinEhcyq0h\nzRAipZDHv7StwjVzcpV6RwMmlRI1jazLFQy3RpbuOTJAuksdHnD+zvvhES7rP4Hb\nJG/aNMkgBh9gvOYKzIWwx9LgWM4fZ/MwkzuzZK1ll0kGkEdKBaeVaR3T9X4irr4P\n4/PbLijX4pApZXv6wxbdTypde8qExHGq/usdmXFI1p7STtHYJ8BqygLE/vXKaOlA\nuWDMLY7t3unNa5mlvgy8Hw97Ykb0lScMYpa3WXlKVxkGa1Q3URLGT9alrX20XA9v\nysVIOQp4KES5B6SbKQN6UN0kagf1AgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTMIiYFRO2umwj2b48LUqNc7SWRDzAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQANMuyKyPBr\n1/5RixyIHwr6EUeYHHsMXArGAEywb5VTciv774LXZVaxj4ebVwXnb/GcqsSnd+Vx\nt2evZyhOxr5+Q28RH7q2+vI20VeYE6SybC0YbIY/C/TZixo/V4h2VHMAJC1FMbYo\nsCXoKrXVHHuWtMueioKB7iXZ/59CfsQ2Fr8HjU2mQgIeb2r2KWXgvrwOegvo8tQM\nsdBPvYsUOgxu9PMqJ2vqZlk4Yg/xdceqt7wbBvkx0mvYWW1hLwUL2gXXSwRIzdEJ\nLj51vPFw9EpB1gWMlp2TxM24066UQzYJc9GA4orr3akrCBbzvrEYUhRNN2SuVfcL\ndf824dkhiOG5\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "618", + "self_link": null, + "uid": "a10cd95d-90be-4436-ab6f-1da2b2f148a0" + } + }, + "test-cluster-configmap": { + "api_version": null, + "binary_data": null, + "data": { + "env.sh": "#!/usr/bin/env bash\n\nDOMAIN=test-cluster-headless.acto-namespace.svc.cluster.local\nQUORUM_PORT=2888\nLEADER_PORT=3888\nCLIENT_HOST=test-cluster-client\nCLIENT_PORT=2181\nADMIN_SERVER_HOST=test-cluster-admin-server\nADMIN_SERVER_PORT=8080\nCLUSTER_NAME=test-cluster\nCLUSTER_SIZE=3\n", + "log4j-quiet.properties": "log4j.rootLogger=ERROR, CONSOLE\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=ERROR\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "log4j.properties": "zookeeper.root.logger=CONSOLE\nzookeeper.console.threshold=INFO\nlog4j.rootLogger=${zookeeper.root.logger}\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=${zookeeper.console.threshold}\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "zoo.cfg": "4lw.commands.whitelist=cons, envi, conf, crst, srvr, stat, mntr, ruok\ndataDir=/data\nstandaloneEnabled=false\nreconfigEnabled=true\nskipACL=yes\nmetricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider\nmetricsProvider.httpPort=7000\nmetricsProvider.exportJvmInfo=true\ninitLimit=10\nsyncLimit=2\ntickTime=2000\nglobalOutstandingLimit=1000\npreAllocSize=65536\nsnapCount=10000\ncommitLogCount=500\nsnapSizeLimitInKb=4194304\nmaxCnxns=0\nmaxClientCnxns=60\nminSessionTimeout=4000\nmaxSessionTimeout=40000\nautopurge.snapRetainCount=3\nautopurge.purgeInterval=1\nquorumListenOnAllIPs=false\nadmin.serverPort=8080\ndynamicConfigFile=/data/zoo.cfg.dynamic\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:env.sh": {}, + "f:log4j-quiet.properties": {}, + "f:log4j.properties": {}, + "f:zoo.cfg": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-configmap", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "706", + "self_link": null, + "uid": "6a974065-fe15-4686-bc05-fb75ddda6c0b" + } + }, + "zookeeper-operator-lock": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"b75052f7-2f5d-4c24-9c77-cb51321f43a4\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "zookeeper-operator-lock", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "v1", + "block_owner_deletion": null, + "controller": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + } + ], + "resource_version": "648", + "self_link": null, + "uid": "86e2035c-4594-4db7-b908-d3ecc357bbc4" + } + } + }, + "service": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "723", + "self_link": null, + "uid": "7cf99594-997f-4255-bdcb-e8da6a51a516" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.75.94", + "cluster_i_ps": [ + "10.96.75.94" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "710", + "self_link": null, + "uid": "228b5e54-94bc-4a99-9e4b-67cc659c3584" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.250.171", + "cluster_i_ps": [ + "10.96.250.171" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "714", + "self_link": null, + "uid": "c4fa9fd8-3766-4886-b96a-b93bfbc64aaa" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + }, + { + "app_protocol": null, + "name": "tcp-quorum", + "node_port": null, + "port": 2888, + "protocol": "TCP", + "target_port": 2888 + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "node_port": null, + "port": 3888, + "protocol": "TCP", + "target_port": 3888 + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "node_port": null, + "port": 7000, + "protocol": "TCP", + "target_port": 7000 + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "data-test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "752", + "self_link": null, + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "819", + "self_link": null, + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "991", + "self_link": null, + "uid": "ecf9a993-d8e9-4db0-9e77-a815721e5e8e" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "988", + "self_link": null, + "uid": "c30cd621-85fb-4608-9558-5018f0d0cc09" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "2a224cdf-2b56-4249-9850-afee23de615c" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-2", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": "test-cluster-1", + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": "test-cluster-0", + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-quorum", + "port": 2888, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "port": 7000, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "port": 3888, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "619", + "self_link": null, + "uid": "3d5925cb-2a0c-4e81-8024-82fa86c15eb1" + }, + "secrets": null + }, + "zookeeper-operator": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "621", + "self_link": null, + "uid": "9dd1aed1-1a4c-4a4c-ad8b-5d9d6a785426" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "627", + "self_link": null, + "uid": "e948c235-d387-480d-8a3e-b4a7e83c3ef2" + }, + "rules": [ + { + "api_groups": [ + "zookeeper.pravega.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "*" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "pods", + "services", + "endpoints", + "persistentvolumeclaims", + "events", + "configmaps", + "secrets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "apps" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "deployments", + "daemonsets", + "replicasets", + "statefulsets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "policy" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "poddisruptionbudgets" + ], + "verbs": [ + "*" + ] + } + ] + } + }, + "role_binding": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "4b66e029-90e6-4475-86ff-e7232bff53b2" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "acto-test-operator-zookeeper-operator" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "zookeeper-operator", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "adminServerService": {}, + "clientService": {}, + "config": { + "autoPurgePurgeInterval": 1, + "autoPurgeSnapRetainCount": 3, + "commitLogCount": 500, + "globalOutstandingLimit": 1000, + "initLimit": 10, + "maxClientCnxns": 60, + "maxSessionTimeout": 40000, + "minSessionTimeout": 4000, + "preAllocSize": 65536, + "snapCount": 10000, + "snapSizeLimitInKb": 4194304, + "syncLimit": 2, + "tickTime": 2000 + }, + "ephemeral": { + "emptydirvolumesource": { + "sizeLimit": "1Gi" + } + }, + "headlessService": {}, + "image": { + "pullPolicy": "IfNotPresent", + "repository": "pravega/zookeeper", + "tag": "0.2.14" + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "persistence": { + "reclaimPolicy": "Delete", + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "20Gi" + } + }, + "storageClassName": "standard" + } + }, + "pod": { + "affinity": { + "podAntiAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [ + { + "podAffinityTerm": { + "labelSelector": { + "matchExpressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ] + }, + "topologyKey": "kubernetes.io/hostname" + }, + "weight": 20 + } + ] + } + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "resources": {}, + "serviceAccountName": "default", + "terminationGracePeriodSeconds": 30 + }, + "ports": [ + { + "containerPort": 2181, + "name": "client" + }, + { + "containerPort": 2888, + "name": "quorum" + }, + { + "containerPort": 3888, + "name": "leader-election" + }, + { + "containerPort": 7000, + "name": "metrics" + }, + { + "containerPort": 8080, + "name": "admin-server" + } + ], + "probes": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 0, + "timeoutSeconds": 10 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 10 + } + }, + "replicas": 3, + "storageType": "persistence" + }, + "custom_resource_status": null +} diff --git a/docs/alarm_examples/false_alarm/system-state-000.json b/docs/alarm_examples/false_alarm/system-state-000.json new file mode 100644 index 0000000000..4785b74ab6 --- /dev/null +++ b/docs/alarm_examples/false_alarm/system-state-000.json @@ -0,0 +1,5298 @@ +{ + "pod": { + "test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "783", + "self_link": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-g8nxm", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-g8nxm", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f6e8919acaa36a02cfb7e5f5e68ab4086c9b3c8bd71657f71cd1f1d9f0af0622", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:28:30+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.4", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:30+00:00" + } + }, + "test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "915", + "self_link": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kv8hc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kv8hc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e0a062004552de47c60046b989f1895b7fd8df9e6dffda07ab02e9326a1d76d4", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://23f059b1f43bedd626d3cd6572c9bd3cf950577dac1e4209545207d1540ad758", + "exit_code": 1, + "finished_at": "2024-02-27T04:28:45+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T04:28:45+00:00" + }, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 2, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:11+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:44+00:00" + } + }, + "test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "987", + "self_link": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9wbg7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9wbg7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://d57a3d1981f648b551655d791a54b27c3cdb626d2ef55805831096a0d0045743", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:31+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:29:31+00:00" + } + } + }, + "deployment_pods": { + "acto-test-operator-zookeeper-operator": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "acto-test-operator-zookeeper-operator-f56b66895-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator", + "pod-template-hash": "f56b66895" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:component": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"1b23e2bb-3559-4aa5-81e0-684e828d90ab\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + } + ], + "resource_version": "652", + "self_link": null, + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7lxg6", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7lxg6", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://93da00e688354f4c1ae4d78bcb1c5f713d2335e11845ffb4fa52cfc5134ce058", + "image": "docker.io/pravega/zookeeper-operator:0.2.13", + "image_id": "docker.io/library/import-2024-02-27@sha256:136c9853896b8cec99ef856a29284fbc599a5d73df3a5279be744b776a322ab8", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "acto-test-operator-zookeeper-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:27:56+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:27:55+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app": "test-cluster", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:kind": {}, + "f:release": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "1014", + "self_link": null, + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "OrderedReady", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app": "test-cluster" + } + }, + "service_name": "test-cluster-headless", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster", + "generation": null, + "labels": { + "app": "test-cluster", + "kind": "ZookeeperMember", + "release": "test-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": null, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": null, + "name": "data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-66f4d88fc7", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-66f4d88fc7", + "updated_replicas": 3 + } + } + }, + "deployment": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1" + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {}, + "f:component": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {} + } + } + } + }, + "f:serviceAccountName": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:00+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "658", + "self_link": null, + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "name": "acto-test-operator-zookeeper-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T04:27:57+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T04:27:55+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "ReplicaSet \"acto-test-operator-zookeeper-operator-f56b66895\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 1, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIGAg7H0YfUXcwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwNDIyMTRaFw0zNDAyMjQwNDI3MTRaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCdxmB3VLnTJXedH5C0njbMX4+k8Rot/abG3gOhbDMzj9SeNVGinEhcyq0h\nzRAipZDHv7StwjVzcpV6RwMmlRI1jazLFQy3RpbuOTJAuksdHnD+zvvhES7rP4Hb\nJG/aNMkgBh9gvOYKzIWwx9LgWM4fZ/MwkzuzZK1ll0kGkEdKBaeVaR3T9X4irr4P\n4/PbLijX4pApZXv6wxbdTypde8qExHGq/usdmXFI1p7STtHYJ8BqygLE/vXKaOlA\nuWDMLY7t3unNa5mlvgy8Hw97Ykb0lScMYpa3WXlKVxkGa1Q3URLGT9alrX20XA9v\nysVIOQp4KES5B6SbKQN6UN0kagf1AgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTMIiYFRO2umwj2b48LUqNc7SWRDzAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQANMuyKyPBr\n1/5RixyIHwr6EUeYHHsMXArGAEywb5VTciv774LXZVaxj4ebVwXnb/GcqsSnd+Vx\nt2evZyhOxr5+Q28RH7q2+vI20VeYE6SybC0YbIY/C/TZixo/V4h2VHMAJC1FMbYo\nsCXoKrXVHHuWtMueioKB7iXZ/59CfsQ2Fr8HjU2mQgIeb2r2KWXgvrwOegvo8tQM\nsdBPvYsUOgxu9PMqJ2vqZlk4Yg/xdceqt7wbBvkx0mvYWW1hLwUL2gXXSwRIzdEJ\nLj51vPFw9EpB1gWMlp2TxM24066UQzYJc9GA4orr3akrCBbzvrEYUhRNN2SuVfcL\ndf824dkhiOG5\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "618", + "self_link": null, + "uid": "a10cd95d-90be-4436-ab6f-1da2b2f148a0" + } + }, + "test-cluster-configmap": { + "api_version": null, + "binary_data": null, + "data": { + "env.sh": "#!/usr/bin/env bash\n\nDOMAIN=test-cluster-headless.acto-namespace.svc.cluster.local\nQUORUM_PORT=2888\nLEADER_PORT=3888\nCLIENT_HOST=test-cluster-client\nCLIENT_PORT=2181\nADMIN_SERVER_HOST=test-cluster-admin-server\nADMIN_SERVER_PORT=8080\nCLUSTER_NAME=test-cluster\nCLUSTER_SIZE=3\n", + "log4j-quiet.properties": "log4j.rootLogger=ERROR, CONSOLE\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=ERROR\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "log4j.properties": "zookeeper.root.logger=CONSOLE\nzookeeper.console.threshold=INFO\nlog4j.rootLogger=${zookeeper.root.logger}\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=${zookeeper.console.threshold}\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "zoo.cfg": "4lw.commands.whitelist=cons, envi, conf, crst, srvr, stat, mntr, ruok\ndataDir=/data\nstandaloneEnabled=false\nreconfigEnabled=true\nskipACL=yes\nmetricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider\nmetricsProvider.httpPort=7000\nmetricsProvider.exportJvmInfo=true\ninitLimit=10\nsyncLimit=2\ntickTime=2000\nglobalOutstandingLimit=1000\npreAllocSize=65536\nsnapCount=10000\ncommitLogCount=500\nsnapSizeLimitInKb=4194304\nmaxCnxns=0\nmaxClientCnxns=60\nminSessionTimeout=4000\nmaxSessionTimeout=40000\nautopurge.snapRetainCount=3\nautopurge.purgeInterval=1\nquorumListenOnAllIPs=false\nadmin.serverPort=8080\ndynamicConfigFile=/data/zoo.cfg.dynamic\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:env.sh": {}, + "f:log4j-quiet.properties": {}, + "f:log4j.properties": {}, + "f:zoo.cfg": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-configmap", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "706", + "self_link": null, + "uid": "6a974065-fe15-4686-bc05-fb75ddda6c0b" + } + }, + "zookeeper-operator-lock": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"b75052f7-2f5d-4c24-9c77-cb51321f43a4\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "zookeeper-operator-lock", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "v1", + "block_owner_deletion": null, + "controller": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + } + ], + "resource_version": "648", + "self_link": null, + "uid": "86e2035c-4594-4db7-b908-d3ecc357bbc4" + } + } + }, + "service": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "723", + "self_link": null, + "uid": "7cf99594-997f-4255-bdcb-e8da6a51a516" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.75.94", + "cluster_i_ps": [ + "10.96.75.94" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "710", + "self_link": null, + "uid": "228b5e54-94bc-4a99-9e4b-67cc659c3584" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.250.171", + "cluster_i_ps": [ + "10.96.250.171" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "714", + "self_link": null, + "uid": "c4fa9fd8-3766-4886-b96a-b93bfbc64aaa" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + }, + { + "app_protocol": null, + "name": "tcp-quorum", + "node_port": null, + "port": 2888, + "protocol": "TCP", + "target_port": 2888 + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "node_port": null, + "port": 3888, + "protocol": "TCP", + "target_port": 3888 + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "node_port": null, + "port": 7000, + "protocol": "TCP", + "target_port": 7000 + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "data-test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "752", + "self_link": null, + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "819", + "self_link": null, + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "991", + "self_link": null, + "uid": "ecf9a993-d8e9-4db0-9e77-a815721e5e8e" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "988", + "self_link": null, + "uid": "c30cd621-85fb-4608-9558-5018f0d0cc09" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "2a224cdf-2b56-4249-9850-afee23de615c" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-2", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": "test-cluster-1", + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": "test-cluster-0", + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-quorum", + "port": 2888, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "port": 7000, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "port": 3888, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "619", + "self_link": null, + "uid": "3d5925cb-2a0c-4e81-8024-82fa86c15eb1" + }, + "secrets": null + }, + "zookeeper-operator": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "621", + "self_link": null, + "uid": "9dd1aed1-1a4c-4a4c-ad8b-5d9d6a785426" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "627", + "self_link": null, + "uid": "e948c235-d387-480d-8a3e-b4a7e83c3ef2" + }, + "rules": [ + { + "api_groups": [ + "zookeeper.pravega.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "*" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "pods", + "services", + "endpoints", + "persistentvolumeclaims", + "events", + "configmaps", + "secrets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "apps" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "deployments", + "daemonsets", + "replicasets", + "statefulsets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "policy" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "poddisruptionbudgets" + ], + "verbs": [ + "*" + ] + } + ] + } + }, + "role_binding": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "4b66e029-90e6-4475-86ff-e7232bff53b2" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "acto-test-operator-zookeeper-operator" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "zookeeper-operator", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "adminServerService": {}, + "clientService": {}, + "config": { + "autoPurgePurgeInterval": 1, + "autoPurgeSnapRetainCount": 3, + "commitLogCount": 500, + "globalOutstandingLimit": 1000, + "initLimit": 10, + "maxClientCnxns": 60, + "maxSessionTimeout": 40000, + "minSessionTimeout": 4000, + "preAllocSize": 65536, + "snapCount": 10000, + "snapSizeLimitInKb": 4194304, + "syncLimit": 2, + "tickTime": 2000 + }, + "headlessService": {}, + "image": { + "pullPolicy": "IfNotPresent", + "repository": "pravega/zookeeper", + "tag": "0.2.14" + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "persistence": { + "reclaimPolicy": "Delete", + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "20Gi" + } + }, + "storageClassName": "standard" + } + }, + "pod": { + "affinity": { + "podAntiAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [ + { + "podAffinityTerm": { + "labelSelector": { + "matchExpressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ] + }, + "topologyKey": "kubernetes.io/hostname" + }, + "weight": 20 + } + ] + } + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "resources": {}, + "serviceAccountName": "default", + "terminationGracePeriodSeconds": 30 + }, + "ports": [ + { + "containerPort": 2181, + "name": "client" + }, + { + "containerPort": 2888, + "name": "quorum" + }, + { + "containerPort": 3888, + "name": "leader-election" + }, + { + "containerPort": 7000, + "name": "metrics" + }, + { + "containerPort": 8080, + "name": "admin-server" + } + ], + "probes": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 0, + "timeoutSeconds": 10 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 10 + } + }, + "replicas": 3, + "storageType": "persistence" + }, + "custom_resource_status": null +} diff --git a/docs/alarm_examples/false_alarm/system-state-001.json b/docs/alarm_examples/false_alarm/system-state-001.json new file mode 100644 index 0000000000..397df140e5 --- /dev/null +++ b/docs/alarm_examples/false_alarm/system-state-001.json @@ -0,0 +1,5303 @@ +{ + "pod": { + "test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "783", + "self_link": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-g8nxm", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-g8nxm", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f6e8919acaa36a02cfb7e5f5e68ab4086c9b3c8bd71657f71cd1f1d9f0af0622", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:28:30+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.4", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:30+00:00" + } + }, + "test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "915", + "self_link": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kv8hc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kv8hc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e0a062004552de47c60046b989f1895b7fd8df9e6dffda07ab02e9326a1d76d4", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://23f059b1f43bedd626d3cd6572c9bd3cf950577dac1e4209545207d1540ad758", + "exit_code": 1, + "finished_at": "2024-02-27T04:28:45+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T04:28:45+00:00" + }, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 2, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:11+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:44+00:00" + } + }, + "test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "987", + "self_link": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9wbg7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9wbg7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://d57a3d1981f648b551655d791a54b27c3cdb626d2ef55805831096a0d0045743", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:31+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:29:31+00:00" + } + } + }, + "deployment_pods": { + "acto-test-operator-zookeeper-operator": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "acto-test-operator-zookeeper-operator-f56b66895-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator", + "pod-template-hash": "f56b66895" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:component": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"1b23e2bb-3559-4aa5-81e0-684e828d90ab\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + } + ], + "resource_version": "652", + "self_link": null, + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7lxg6", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7lxg6", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://93da00e688354f4c1ae4d78bcb1c5f713d2335e11845ffb4fa52cfc5134ce058", + "image": "docker.io/pravega/zookeeper-operator:0.2.13", + "image_id": "docker.io/library/import-2024-02-27@sha256:136c9853896b8cec99ef856a29284fbc599a5d73df3a5279be744b776a322ab8", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "acto-test-operator-zookeeper-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:27:56+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:27:55+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app": "test-cluster", + "owner-rv": "1049", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:kind": {}, + "f:release": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:30:17+00:00" + } + ], + "name": "test-cluster", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "1050", + "self_link": null, + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "OrderedReady", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app": "test-cluster" + } + }, + "service_name": "test-cluster-headless", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster", + "generation": null, + "labels": { + "app": "test-cluster", + "kind": "ZookeeperMember", + "release": "test-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": null, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": null, + "name": "data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-66f4d88fc7", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-66f4d88fc7", + "updated_replicas": 3 + } + } + }, + "deployment": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1" + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {}, + "f:component": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {} + } + } + } + }, + "f:serviceAccountName": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:00+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "658", + "self_link": null, + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "name": "acto-test-operator-zookeeper-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T04:27:57+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T04:27:55+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "ReplicaSet \"acto-test-operator-zookeeper-operator-f56b66895\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 1, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIGAg7H0YfUXcwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwNDIyMTRaFw0zNDAyMjQwNDI3MTRaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCdxmB3VLnTJXedH5C0njbMX4+k8Rot/abG3gOhbDMzj9SeNVGinEhcyq0h\nzRAipZDHv7StwjVzcpV6RwMmlRI1jazLFQy3RpbuOTJAuksdHnD+zvvhES7rP4Hb\nJG/aNMkgBh9gvOYKzIWwx9LgWM4fZ/MwkzuzZK1ll0kGkEdKBaeVaR3T9X4irr4P\n4/PbLijX4pApZXv6wxbdTypde8qExHGq/usdmXFI1p7STtHYJ8BqygLE/vXKaOlA\nuWDMLY7t3unNa5mlvgy8Hw97Ykb0lScMYpa3WXlKVxkGa1Q3URLGT9alrX20XA9v\nysVIOQp4KES5B6SbKQN6UN0kagf1AgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTMIiYFRO2umwj2b48LUqNc7SWRDzAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQANMuyKyPBr\n1/5RixyIHwr6EUeYHHsMXArGAEywb5VTciv774LXZVaxj4ebVwXnb/GcqsSnd+Vx\nt2evZyhOxr5+Q28RH7q2+vI20VeYE6SybC0YbIY/C/TZixo/V4h2VHMAJC1FMbYo\nsCXoKrXVHHuWtMueioKB7iXZ/59CfsQ2Fr8HjU2mQgIeb2r2KWXgvrwOegvo8tQM\nsdBPvYsUOgxu9PMqJ2vqZlk4Yg/xdceqt7wbBvkx0mvYWW1hLwUL2gXXSwRIzdEJ\nLj51vPFw9EpB1gWMlp2TxM24066UQzYJc9GA4orr3akrCBbzvrEYUhRNN2SuVfcL\ndf824dkhiOG5\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "618", + "self_link": null, + "uid": "a10cd95d-90be-4436-ab6f-1da2b2f148a0" + } + }, + "test-cluster-configmap": { + "api_version": null, + "binary_data": null, + "data": { + "env.sh": "#!/usr/bin/env bash\n\nDOMAIN=test-cluster-headless.acto-namespace.svc.cluster.local\nQUORUM_PORT=2888\nLEADER_PORT=3888\nCLIENT_HOST=test-cluster-client\nCLIENT_PORT=2181\nADMIN_SERVER_HOST=test-cluster-admin-server\nADMIN_SERVER_PORT=8080\nCLUSTER_NAME=test-cluster\nCLUSTER_SIZE=3\n", + "log4j-quiet.properties": "log4j.rootLogger=ERROR, CONSOLE\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=ERROR\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "log4j.properties": "zookeeper.root.logger=CONSOLE\nzookeeper.console.threshold=INFO\nlog4j.rootLogger=${zookeeper.root.logger}\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=${zookeeper.console.threshold}\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "zoo.cfg": "4lw.commands.whitelist=cons, envi, conf, crst, srvr, stat, mntr, ruok\ndataDir=/data\nstandaloneEnabled=false\nreconfigEnabled=true\nskipACL=yes\nmetricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider\nmetricsProvider.httpPort=7000\nmetricsProvider.exportJvmInfo=true\ninitLimit=10\nsyncLimit=2\ntickTime=2000\nglobalOutstandingLimit=1000\npreAllocSize=65536\nsnapCount=10000\ncommitLogCount=500\nsnapSizeLimitInKb=4194304\nmaxCnxns=0\nmaxClientCnxns=60\nminSessionTimeout=4000\nmaxSessionTimeout=40000\nautopurge.snapRetainCount=3\nautopurge.purgeInterval=1\nquorumListenOnAllIPs=false\nadmin.serverPort=8080\ndynamicConfigFile=/data/zoo.cfg.dynamic\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:env.sh": {}, + "f:log4j-quiet.properties": {}, + "f:log4j.properties": {}, + "f:zoo.cfg": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-configmap", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "706", + "self_link": null, + "uid": "6a974065-fe15-4686-bc05-fb75ddda6c0b" + } + }, + "zookeeper-operator-lock": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"b75052f7-2f5d-4c24-9c77-cb51321f43a4\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "zookeeper-operator-lock", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "v1", + "block_owner_deletion": null, + "controller": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + } + ], + "resource_version": "648", + "self_link": null, + "uid": "86e2035c-4594-4db7-b908-d3ecc357bbc4" + } + } + }, + "service": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "723", + "self_link": null, + "uid": "7cf99594-997f-4255-bdcb-e8da6a51a516" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.75.94", + "cluster_i_ps": [ + "10.96.75.94" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "710", + "self_link": null, + "uid": "228b5e54-94bc-4a99-9e4b-67cc659c3584" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.250.171", + "cluster_i_ps": [ + "10.96.250.171" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "714", + "self_link": null, + "uid": "c4fa9fd8-3766-4886-b96a-b93bfbc64aaa" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + }, + { + "app_protocol": null, + "name": "tcp-quorum", + "node_port": null, + "port": 2888, + "protocol": "TCP", + "target_port": 2888 + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "node_port": null, + "port": 3888, + "protocol": "TCP", + "target_port": 3888 + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "node_port": null, + "port": 7000, + "protocol": "TCP", + "target_port": 7000 + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "data-test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "752", + "self_link": null, + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "819", + "self_link": null, + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "991", + "self_link": null, + "uid": "ecf9a993-d8e9-4db0-9e77-a815721e5e8e" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "988", + "self_link": null, + "uid": "c30cd621-85fb-4608-9558-5018f0d0cc09" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "2a224cdf-2b56-4249-9850-afee23de615c" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-2", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": "test-cluster-1", + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": "test-cluster-0", + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-quorum", + "port": 2888, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "port": 7000, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "port": 3888, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "619", + "self_link": null, + "uid": "3d5925cb-2a0c-4e81-8024-82fa86c15eb1" + }, + "secrets": null + }, + "zookeeper-operator": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "621", + "self_link": null, + "uid": "9dd1aed1-1a4c-4a4c-ad8b-5d9d6a785426" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "627", + "self_link": null, + "uid": "e948c235-d387-480d-8a3e-b4a7e83c3ef2" + }, + "rules": [ + { + "api_groups": [ + "zookeeper.pravega.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "*" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "pods", + "services", + "endpoints", + "persistentvolumeclaims", + "events", + "configmaps", + "secrets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "apps" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "deployments", + "daemonsets", + "replicasets", + "statefulsets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "policy" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "poddisruptionbudgets" + ], + "verbs": [ + "*" + ] + } + ] + } + }, + "role_binding": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "4b66e029-90e6-4475-86ff-e7232bff53b2" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "acto-test-operator-zookeeper-operator" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "zookeeper-operator", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "adminServerService": {}, + "clientService": {}, + "config": { + "autoPurgePurgeInterval": 1, + "autoPurgeSnapRetainCount": 3, + "commitLogCount": 500, + "globalOutstandingLimit": 1000, + "initLimit": 10, + "maxClientCnxns": 60, + "maxSessionTimeout": 40000, + "minSessionTimeout": 4000, + "preAllocSize": 65536, + "snapCount": 10000, + "snapSizeLimitInKb": 4194304, + "syncLimit": 2, + "tickTime": 2000 + }, + "ephemeral": { + "emptydirvolumesource": { + "sizeLimit": "1Gi" + } + }, + "headlessService": {}, + "image": { + "pullPolicy": "IfNotPresent", + "repository": "pravega/zookeeper", + "tag": "0.2.14" + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "persistence": { + "reclaimPolicy": "Delete", + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "20Gi" + } + }, + "storageClassName": "standard" + } + }, + "pod": { + "affinity": { + "podAntiAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [ + { + "podAffinityTerm": { + "labelSelector": { + "matchExpressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ] + }, + "topologyKey": "kubernetes.io/hostname" + }, + "weight": 20 + } + ] + } + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "resources": {}, + "serviceAccountName": "default", + "terminationGracePeriodSeconds": 30 + }, + "ports": [ + { + "containerPort": 2181, + "name": "client" + }, + { + "containerPort": 2888, + "name": "quorum" + }, + { + "containerPort": 3888, + "name": "leader-election" + }, + { + "containerPort": 7000, + "name": "metrics" + }, + { + "containerPort": 8080, + "name": "admin-server" + } + ], + "probes": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 0, + "timeoutSeconds": 10 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 10 + } + }, + "replicas": 3, + "storageType": "persistence" + }, + "custom_resource_status": null +} diff --git a/docs/alarm_examples/false_alarm/system-state-002.json b/docs/alarm_examples/false_alarm/system-state-002.json new file mode 100644 index 0000000000..936899bbfd --- /dev/null +++ b/docs/alarm_examples/false_alarm/system-state-002.json @@ -0,0 +1,5303 @@ +{ + "pod": { + "test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:40+00:00" + } + ], + "name": "test-cluster-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "783", + "self_link": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-g8nxm", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-g8nxm", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:40+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:30+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f6e8919acaa36a02cfb7e5f5e68ab4086c9b3c8bd71657f71cd1f1d9f0af0622", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:28:30+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.4", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:30+00:00" + } + }, + "test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:27+00:00" + } + ], + "name": "test-cluster-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "915", + "self_link": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kv8hc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kv8hc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:28:44+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e0a062004552de47c60046b989f1895b7fd8df9e6dffda07ab02e9326a1d76d4", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://23f059b1f43bedd626d3cd6572c9bd3cf950577dac1e4209545207d1540ad758", + "exit_code": 1, + "finished_at": "2024-02-27T04:28:45+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T04:28:45+00:00" + }, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 2, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:11+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:28:44+00:00" + } + }, + "test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-", + "generation": null, + "labels": { + "app": "test-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-66f4d88fc7", + "kind": "ZookeeperMember", + "release": "test-cluster", + "statefulset.kubernetes.io/pod-name": "test-cluster-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:kind": {}, + "f:release": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"364b3b40-def1-40ea-8bc1-1c52af79123c\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster", + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + } + ], + "resource_version": "987", + "self_link": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9wbg7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-headless", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "data-test-cluster-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9wbg7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:43+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:29:31+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://d57a3d1981f648b551655d791a54b27c3cdb626d2ef55805831096a0d0045743", + "image": "docker.io/pravega/zookeeper:0.2.14", + "image_id": "docker.io/library/import-2024-02-27@sha256:7f2584253004a3a8f2cbd60d47f9333098ad7ac912757eb7591a60ea021b79bd", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "zookeeper", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:29:31+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:29:31+00:00" + } + } + }, + "deployment_pods": { + "acto-test-operator-zookeeper-operator": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "acto-test-operator-zookeeper-operator-f56b66895-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator", + "pod-template-hash": "f56b66895" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:component": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"1b23e2bb-3559-4aa5-81e0-684e828d90ab\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "acto-test-operator-zookeeper-operator-f56b66895", + "uid": "1b23e2bb-3559-4aa5-81e0-684e828d90ab" + } + ], + "resource_version": "652", + "self_link": null, + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7lxg6", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7lxg6", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:57+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T04:27:55+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://93da00e688354f4c1ae4d78bcb1c5f713d2335e11845ffb4fa52cfc5134ce058", + "image": "docker.io/pravega/zookeeper-operator:0.2.13", + "image_id": "docker.io/library/import-2024-02-27@sha256:136c9853896b8cec99ef856a29284fbc599a5d73df3a5279be744b776a322ab8", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "acto-test-operator-zookeeper-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T04:27:56+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T04:27:55+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app": "test-cluster", + "owner-rv": "1123", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app": {}, + "f:kind": {}, + "f:release": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:preferredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"zookeeper\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"ENVOY_SIDECAR_STATUS\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + }, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/conf\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/data\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"conf\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:31:02+00:00" + } + ], + "name": "test-cluster", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "1124", + "self_link": null, + "uid": "364b3b40-def1-40ea-8bc1-1c52af79123c" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "OrderedReady", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app": "test-cluster" + } + }, + "service_name": "test-cluster-headless", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster", + "generation": null, + "labels": { + "app": "test-cluster", + "kind": "ZookeeperMember", + "release": "test-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": [ + { + "pod_affinity_term": { + "label_selector": { + "match_expressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + }, + "weight": 20 + } + ], + "required_during_scheduling_ignored_during_execution": null + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/zookeeperStart.sh" + ], + "env": [ + { + "name": "ENVOY_SIDECAR_STATUS", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations['sidecar.istio.io/status']" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + } + ], + "env_from": null, + "image": "pravega/zookeeper:0.2.14", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "zookeeperTeardown.sh" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": { + "command": [ + "zookeeperLive.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "name": "zookeeper", + "ports": [ + { + "container_port": 2181, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + }, + { + "container_port": 2888, + "host_ip": null, + "host_port": null, + "name": "quorum", + "protocol": "TCP" + }, + { + "container_port": 3888, + "host_ip": null, + "host_port": null, + "name": "leader-election", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "admin-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": { + "command": [ + "zookeeperReady.sh" + ] + }, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 10 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/data", + "mount_propagation": null, + "name": "data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/conf", + "mount_propagation": null, + "name": "conf", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "test-cluster-configmap", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "conf", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": null, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": null, + "name": "data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-66f4d88fc7", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-66f4d88fc7", + "updated_replicas": 3 + } + } + }, + "deployment": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1" + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {}, + "f:component": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"acto-test-operator-zookeeper-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"OPERATOR_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":6000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {} + } + } + } + }, + "f:serviceAccountName": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:27:57+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:00+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "658", + "self_link": null, + "uid": "e6a6837c-b4cd-4886-9b00-c0cf0cee78e7" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "name": "acto-test-operator-zookeeper-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "component": "zookeeper-operator", + "name": "acto-test-operator-zookeeper-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "zookeeper-operator" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "OPERATOR_NAME", + "value": "acto-test-operator-zookeeper-operator", + "value_from": null + } + ], + "env_from": null, + "image": "pravega/zookeeper-operator:0.2.13", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "acto-test-operator-zookeeper-operator", + "ports": [ + { + "container_port": 6000, + "host_ip": null, + "host_port": null, + "name": "metrics", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "zookeeper-operator", + "service_account_name": "zookeeper-operator", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T04:27:57+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T04:27:55+00:00", + "last_update_time": "2024-02-27T04:27:57+00:00", + "message": "ReplicaSet \"acto-test-operator-zookeeper-operator-f56b66895\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 1, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIGAg7H0YfUXcwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwNDIyMTRaFw0zNDAyMjQwNDI3MTRaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQCdxmB3VLnTJXedH5C0njbMX4+k8Rot/abG3gOhbDMzj9SeNVGinEhcyq0h\nzRAipZDHv7StwjVzcpV6RwMmlRI1jazLFQy3RpbuOTJAuksdHnD+zvvhES7rP4Hb\nJG/aNMkgBh9gvOYKzIWwx9LgWM4fZ/MwkzuzZK1ll0kGkEdKBaeVaR3T9X4irr4P\n4/PbLijX4pApZXv6wxbdTypde8qExHGq/usdmXFI1p7STtHYJ8BqygLE/vXKaOlA\nuWDMLY7t3unNa5mlvgy8Hw97Ykb0lScMYpa3WXlKVxkGa1Q3URLGT9alrX20XA9v\nysVIOQp4KES5B6SbKQN6UN0kagf1AgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTMIiYFRO2umwj2b48LUqNc7SWRDzAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQANMuyKyPBr\n1/5RixyIHwr6EUeYHHsMXArGAEywb5VTciv774LXZVaxj4ebVwXnb/GcqsSnd+Vx\nt2evZyhOxr5+Q28RH7q2+vI20VeYE6SybC0YbIY/C/TZixo/V4h2VHMAJC1FMbYo\nsCXoKrXVHHuWtMueioKB7iXZ/59CfsQ2Fr8HjU2mQgIeb2r2KWXgvrwOegvo8tQM\nsdBPvYsUOgxu9PMqJ2vqZlk4Yg/xdceqt7wbBvkx0mvYWW1hLwUL2gXXSwRIzdEJ\nLj51vPFw9EpB1gWMlp2TxM24066UQzYJc9GA4orr3akrCBbzvrEYUhRNN2SuVfcL\ndf824dkhiOG5\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "618", + "self_link": null, + "uid": "a10cd95d-90be-4436-ab6f-1da2b2f148a0" + } + }, + "test-cluster-configmap": { + "api_version": null, + "binary_data": null, + "data": { + "env.sh": "#!/usr/bin/env bash\n\nDOMAIN=test-cluster-headless.acto-namespace.svc.cluster.local\nQUORUM_PORT=2888\nLEADER_PORT=3888\nCLIENT_HOST=test-cluster-client\nCLIENT_PORT=2181\nADMIN_SERVER_HOST=test-cluster-admin-server\nADMIN_SERVER_PORT=8080\nCLUSTER_NAME=test-cluster\nCLUSTER_SIZE=3\n", + "log4j-quiet.properties": "log4j.rootLogger=ERROR, CONSOLE\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=ERROR\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "log4j.properties": "zookeeper.root.logger=CONSOLE\nzookeeper.console.threshold=INFO\nlog4j.rootLogger=${zookeeper.root.logger}\nlog4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender\nlog4j.appender.CONSOLE.Threshold=${zookeeper.console.threshold}\nlog4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout\nlog4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} [myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n\n", + "zoo.cfg": "4lw.commands.whitelist=cons, envi, conf, crst, srvr, stat, mntr, ruok\ndataDir=/data\nstandaloneEnabled=false\nreconfigEnabled=true\nskipACL=yes\nmetricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider\nmetricsProvider.httpPort=7000\nmetricsProvider.exportJvmInfo=true\ninitLimit=10\nsyncLimit=2\ntickTime=2000\nglobalOutstandingLimit=1000\npreAllocSize=65536\nsnapCount=10000\ncommitLogCount=500\nsnapSizeLimitInKb=4194304\nmaxCnxns=0\nmaxClientCnxns=60\nminSessionTimeout=4000\nmaxSessionTimeout=40000\nautopurge.snapRetainCount=3\nautopurge.purgeInterval=1\nquorumListenOnAllIPs=false\nadmin.serverPort=8080\ndynamicConfigFile=/data/zoo.cfg.dynamic\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:env.sh": {}, + "f:log4j-quiet.properties": {}, + "f:log4j.properties": {}, + "f:zoo.cfg": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-configmap", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "706", + "self_link": null, + "uid": "6a974065-fe15-4686-bc05-fb75ddda6c0b" + } + }, + "zookeeper-operator-lock": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:56+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"b75052f7-2f5d-4c24-9c77-cb51321f43a4\"}": {} + } + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:27:56+00:00" + } + ], + "name": "zookeeper-operator-lock", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "v1", + "block_owner_deletion": null, + "controller": null, + "kind": "Pod", + "name": "acto-test-operator-zookeeper-operator-f56b66895-xgnpm", + "uid": "b75052f7-2f5d-4c24-9c77-cb51321f43a4" + } + ], + "resource_version": "648", + "self_link": null, + "uid": "86e2035c-4594-4db7-b908-d3ecc357bbc4" + } + } + }, + "service": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "723", + "self_link": null, + "uid": "7cf99594-997f-4255-bdcb-e8da6a51a516" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.75.94", + "cluster_i_ps": [ + "10.96.75.94" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "710", + "self_link": null, + "uid": "228b5e54-94bc-4a99-9e4b-67cc659c3584" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.250.171", + "cluster_i_ps": [ + "10.96.250.171" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"5b55aa11-70e5-43b3-aee8-24fbe8180a7c\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2181,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":3888,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "zookeeper-operator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "zookeeper.pravega.io/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "ZookeeperCluster", + "name": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + } + ], + "resource_version": "714", + "self_link": null, + "uid": "c4fa9fd8-3766-4886-b96a-b93bfbc64aaa" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "node_port": null, + "port": 2181, + "protocol": "TCP", + "target_port": 2181 + }, + { + "app_protocol": null, + "name": "tcp-quorum", + "node_port": null, + "port": 2888, + "protocol": "TCP", + "target_port": 2888 + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "node_port": null, + "port": 3888, + "protocol": "TCP", + "target_port": 3888 + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "node_port": null, + "port": 7000, + "protocol": "TCP", + "target_port": 7000 + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "data-test-cluster-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:29+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:29+00:00" + } + ], + "name": "data-test-cluster-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "752", + "self_link": null, + "uid": "8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-8211e23f-273c-4f5e-8d6b-a7791954a1ad" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:28:40+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:40+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:28:43+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:28:43+00:00" + } + ], + "name": "data-test-cluster-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "819", + "self_link": null, + "uid": "b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-b8c6a1b0-0e69-48a2-9fc8-f1a89199e606" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "data-test-cluster-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T04:29:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "release": "test-cluster", + "uid": "5b55aa11-70e5-43b3-aee8-24fbe8180a7c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:release": {}, + "f:uid": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T04:29:30+00:00" + } + ], + "name": "data-test-cluster-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "20Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-47ad8dc1-68a9-4120-bda1-27f533dcb698" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "20Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-admin-server": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-admin-server", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "991", + "self_link": null, + "uid": "ecf9a993-d8e9-4db0-9e77-a815721e5e8e" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-client": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "false", + "owner-rv": "704", + "release": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-client", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "988", + "self_link": null, + "uid": "c30cd621-85fb-4608-9558-5018f0d0cc09" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-headless": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T04:29:43Z" + }, + "creation_timestamp": "2024-02-27T04:28:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app": "test-cluster", + "headless": "true", + "owner-rv": "704", + "release": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app": {}, + "f:headless": {}, + "f:owner-rv": {}, + "f:release": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T04:29:43+00:00" + } + ], + "name": "test-cluster-headless", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "2a224cdf-2b56-4249-9850-afee23de615c" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-2", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ba425a9d-cf57-4e27-8ef2-a64a42681f9e" + } + }, + { + "hostname": "test-cluster-1", + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "29624fa3-b1bd-4a49-b9ce-4a745541e131" + } + }, + { + "hostname": "test-cluster-0", + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "18231edd-dc42-4fd5-8319-07d839343e12" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-quorum", + "port": 2888, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-metrics", + "port": 7000, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-client", + "port": 2181, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-admin-server", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-leader-election", + "port": 3888, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "619", + "self_link": null, + "uid": "3d5925cb-2a0c-4e81-8024-82fa86c15eb1" + }, + "secrets": null + }, + "zookeeper-operator": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "621", + "self_link": null, + "uid": "9dd1aed1-1a4c-4a4c-ad8b-5d9d6a785426" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "627", + "self_link": null, + "uid": "e948c235-d387-480d-8a3e-b4a7e83c3ef2" + }, + "rules": [ + { + "api_groups": [ + "zookeeper.pravega.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "*" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "pods", + "services", + "endpoints", + "persistentvolumeclaims", + "events", + "configmaps", + "secrets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "apps" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "deployments", + "daemonsets", + "replicasets", + "statefulsets" + ], + "verbs": [ + "*" + ] + }, + { + "api_groups": [ + "policy" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "poddisruptionbudgets" + ], + "verbs": [ + "*" + ] + } + ] + } + }, + "role_binding": { + "acto-test-operator-zookeeper-operator": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T04:27:55+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "zookeeper-operator", + "app.kubernetes.io/version": "0.2.13", + "helm.sh/chart": "zookeeper-operator-0.2.13" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:helm.sh/chart": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T04:27:55+00:00" + } + ], + "name": "acto-test-operator-zookeeper-operator", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "4b66e029-90e6-4475-86ff-e7232bff53b2" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "acto-test-operator-zookeeper-operator" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "zookeeper-operator", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "adminServerService": {}, + "clientService": {}, + "config": { + "autoPurgePurgeInterval": 1, + "autoPurgeSnapRetainCount": 3, + "commitLogCount": 500, + "globalOutstandingLimit": 1000, + "initLimit": 10, + "maxClientCnxns": 60, + "maxSessionTimeout": 40000, + "minSessionTimeout": 4000, + "preAllocSize": 65536, + "snapCount": 10000, + "snapSizeLimitInKb": 4194304, + "syncLimit": 2, + "tickTime": 2000 + }, + "ephemeral": { + "emptydirvolumesource": { + "sizeLimit": "2Gi" + } + }, + "headlessService": {}, + "image": { + "pullPolicy": "IfNotPresent", + "repository": "pravega/zookeeper", + "tag": "0.2.14" + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "persistence": { + "reclaimPolicy": "Delete", + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "20Gi" + } + }, + "storageClassName": "standard" + } + }, + "pod": { + "affinity": { + "podAntiAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [ + { + "podAffinityTerm": { + "labelSelector": { + "matchExpressions": [ + { + "key": "app", + "operator": "In", + "values": [ + "test-cluster" + ] + } + ] + }, + "topologyKey": "kubernetes.io/hostname" + }, + "weight": 20 + } + ] + } + }, + "labels": { + "app": "test-cluster", + "release": "test-cluster" + }, + "resources": {}, + "serviceAccountName": "default", + "terminationGracePeriodSeconds": 30 + }, + "ports": [ + { + "containerPort": 2181, + "name": "client" + }, + { + "containerPort": 2888, + "name": "quorum" + }, + { + "containerPort": 3888, + "name": "leader-election" + }, + { + "containerPort": 7000, + "name": "metrics" + }, + { + "containerPort": 8080, + "name": "admin-server" + } + ], + "probes": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 0, + "timeoutSeconds": 10 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 10 + } + }, + "replicas": 3, + "storageType": "persistence" + }, + "custom_resource_status": null +} diff --git a/docs/alarm_examples/misoperation/events--01.json b/docs/alarm_examples/misoperation/events--01.json new file mode 100644 index 0000000000..03b523138c --- /dev/null +++ b/docs/alarm_examples/misoperation/events--01.json @@ -0,0 +1,11482 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "887", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388ec975231", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "893", + "self_link": null, + "uid": "7692a623-a1f3-4fa6-b1e1-acfb0465a5f9" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388eddd4b8d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "907", + "self_link": null, + "uid": "2a3f90a4-a6c0-4fed-9419-a50c4187f854" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388eeb853b0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "911", + "self_link": null, + "uid": "dc4c5f1d-cf00-4052-bdc2-72ea5a533a4c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:02+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:02+00:00", + "message": "Successfully provisioned volume pvc-6e74bcf6-9557-43e9-975d-c258e0774be5", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:02+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79389a3f8a69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "970", + "self_link": null, + "uid": "f6f0dbe6-cefd-42af-be0b-5c1280b014a7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "891", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388ed57f4fb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "898", + "self_link": null, + "uid": "6a7920b6-8051-4c87-83b1-e9c7ac579207" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388eed13cb8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "920", + "self_link": null, + "uid": "c1eacb59-48bc-4fcc-b031-1baf1f321f9a" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388ef19449a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "915", + "self_link": null, + "uid": "1ab4d84f-0ca7-406e-a1b3-0a45d2c37c12" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully provisioned volume pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79389d09ca68a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "990", + "self_link": null, + "uid": "8e007679-a668-474e-9512-fcf90dab5019" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "892", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388ed590aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "904", + "self_link": null, + "uid": "bcacad43-3460-4b97-b472-b8c38e58bd82" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388eed553c1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "914", + "self_link": null, + "uid": "84745bd3-558c-4e5f-8e4e-fe4cbf939aa5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388ef1fc895", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "918", + "self_link": null, + "uid": "7ed22656-c385-4924-9988-1f53d1086d55" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully provisioned volume pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79389b0998849", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "977", + "self_link": null, + "uid": "6fe3725f-efa1-46da-86a1-d94e5b77c057" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "865", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-discovery-689d8466cb-rkhsw to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b79388ea25f7af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "875", + "self_link": null, + "uid": "d4bcad3a-7602-490a-bb7e-cb56c8a2764c" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b793890852b695", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "935", + "self_link": null, + "uid": "5eb8f029-72f1-473b-a597-12c498b5af85" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Created container discovery", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b793890bf7c0f0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "938", + "self_link": null, + "uid": "348db08c-2252-4563-9b9e-99b74f8a33f0" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Started container discovery", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b7938914e6d051", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "940", + "self_link": null, + "uid": "0e1a419d-d8a3-4f9e-8a6d-8e576a8b9cf1" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "namespace": "acto-namespace", + "resource_version": "856", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Created pod: test-cluster-discovery-689d8466cb-rkhsw", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb.17b79388e989cb9b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "869", + "self_link": null, + "uid": "ef21c4c1-e0fc-44e6-a602-0c4ec3d34e15" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "resource_version": "854", + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Scaled up replica set test-cluster-discovery-689d8466cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery.17b79388e86c8336", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "859", + "self_link": null, + "uid": "0f1a8fdb-a0bf-457b-93fa-7a9729b48068" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "889", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-0 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389dc3a67ca", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "cee61977-3af9-4af4-829d-d99e118b98cf" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389f61aadab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1183", + "self_link": null, + "uid": "e08a1391-e215-4b84-983a-739362c76e6f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389f7767600", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1189", + "self_link": null, + "uid": "948f7f70-f8b7-46a1-b06f-b0812abe14f7" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389fcfb7885", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1197", + "self_link": null, + "uid": "4a93eed7-a4f0-45a7-9a3b-0266fcfa32ff" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "896", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389dd2a3a82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "2acbb8db-1b5e-42b8-9413-76899f88e3ea" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389f639d7a1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1000", + "self_link": null, + "uid": "3274dc44-7802-4b4d-9b23-1708badee316" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389f7a8aacc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1003", + "self_link": null, + "uid": "40e51a88-3e86-4d5e-b845-70f5d710e46f" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389fd0a5101", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1007", + "self_link": null, + "uid": "72354dc0-df2a-43c7-92c5-e0f78fb6eaf9" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "897", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389dd25b56d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "994", + "self_link": null, + "uid": "36300ac1-8f91-42ce-8ccb-197c04286b9e" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389f630c7af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "cbf51387-c4c1-472b-87c3-a8e9e605e82f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389f793d91f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1002", + "self_link": null, + "uid": "49cbd93f-5282-4ee5-bfd5-018cbdc5e89b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389fcf62246", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1005", + "self_link": null, + "uid": "7a670268-099d-439b-a23b-7c0d48da2ae6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-0 Pod test-cluster-pd-0 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ec958bd5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "28201e3a-31da-40b5-8490-011b2928f443" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-0 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed0eec08", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "890", + "self_link": null, + "uid": "2f2d2edf-e4ef-4c60-a256-b18254a2b334" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-1 Pod test-cluster-pd-1 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed5820c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "895", + "self_link": null, + "uid": "d84feaef-78b8-479a-a850-1f2f1e932f30" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-2 Pod test-cluster-pd-2 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed5823d8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "900", + "self_link": null, + "uid": "8c7aa465-b0b5-4380-a84b-84e37a1eba1d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-1 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388edadbb00", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "905", + "self_link": null, + "uid": "5d73b74d-2a17-4242-a5ab-09ed122b2b1b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-2 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388edae04c7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "908", + "self_link": null, + "uid": "6fefadac-e79d-4ccf-8a64-263ace5084c9" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1341", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-0 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939524337fda", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1350", + "self_link": null, + "uid": "6432d4b6-fdf1-4b3d-ad3d-d0c99a8ce0ec" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b79395409f5daa", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1364", + "self_link": null, + "uid": "4f5de4f8-fab3-4d60-bff4-5c6fc6eb8a62" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954192e9a0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1368", + "self_link": null, + "uid": "cc70bfd0-c915-4375-a1a2-b43cb230cc11" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954950a9a9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1372", + "self_link": null, + "uid": "579de100-2070-4417-bf19-522dacc5fb1a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939549576e68", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1374", + "self_link": null, + "uid": "0268a10d-712e-4555-93a6-7740b95f3b78" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954a763c6a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1379", + "self_link": null, + "uid": "f3c8ccc9-c3cd-4f16-a10d-c82fd88cff3b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939550c18dd3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1380", + "self_link": null, + "uid": "b325fc76-7986-4636-9023-bb3ea419be96" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1345", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395248fe30d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "35bfbd61-d0c2-4fae-80a4-e85425afe7a5" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939540a119b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "c414f161-9aab-4fff-b694-f311d7f4fc88" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939541836638", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1367", + "self_link": null, + "uid": "faf54f40-d6fb-4b7e-b974-96ff859c34ff" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939549875930", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1375", + "self_link": null, + "uid": "52d4653e-9c3c-4423-9368-a1a10f9dda0c" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395498c5e26", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1376", + "self_link": null, + "uid": "486b8f2f-c7cd-4578-a123-3ee874e8bd89" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b793954a6771e3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1378", + "self_link": null, + "uid": "a979655b-455e-4283-8073-eac29b052c7c" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395516eafcd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1382", + "self_link": null, + "uid": "7dd16cef-6290-4ed1-bad9-51041f1950ec" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1346", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939524a9b36f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1358", + "self_link": null, + "uid": "fd4ed1cf-1e9e-4645-9338-8210e37afbbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939540a1aae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1366", + "self_link": null, + "uid": "2b667dda-9fde-43c4-abf7-c1edb10833a8" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793954192ab0e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1369", + "self_link": null, + "uid": "0228ee79-ad66-4e62-992d-625dbe8bce44" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b79395491b8b31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1371", + "self_link": null, + "uid": "68a92cf7-2e68-4655-b4c0-5a19e5a30dbf" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b79395492413f7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1373", + "self_link": null, + "uid": "c8665f32-2543-4c25-8c0a-17ac610c9888" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793954a5843eb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1377", + "self_link": null, + "uid": "d77706c6-b198-4511-b169-ff7bac72705c" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939550cf1132", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1381", + "self_link": null, + "uid": "4acfb5cd-a5ec-4ac1-8aac-3a8d26b69818" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:21:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:21:54+00:00", + "message": "Stopping container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:21:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793a3a69edd1e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1599", + "self_link": null, + "uid": "e4cffb00-294e-4575-9f3b-d85b45dcf55c" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:21:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:21:54+00:00", + "message": "Stopping container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:21:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793a3a6a177d9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1600", + "self_link": null, + "uid": "211e1c2f-99b5-449e-8e2c-cd3c5dc70f27" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:02+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:22+00:00", + "message": "Readiness probe failed: dial tcp 10.244.3.8:4000: connect: connection refused", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:02+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:22+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793a5849ceece", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1678", + "self_link": null, + "uid": "09ad9f0c-ffa0-4272-b3c5-7f0fa0bde1f6" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 4, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1725", + "uid": "2e5d49fd-c5d9-4a8f-b18f-3a0d431c120c" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:35:14+00:00", + "message": "0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) didn't match Pod's node affinity/selector. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:35:14+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793ab12e2d03d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "3440", + "self_link": null, + "uid": "9d583810-173c-4fc3-b645-bbf90534be36" + }, + "reason": "FailedScheduling", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-0 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b7939523f6ddc4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1343", + "self_link": null, + "uid": "53072102-fc7f-426c-b778-284e9913d834" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-1 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b7939524339fab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1348", + "self_link": null, + "uid": "098b3e5d-5832-4a18-93b2-ff3d28e51bcc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "create Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793952455ebb2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1727", + "self_link": null, + "uid": "0106d653-753e-42fb-8031-341c44eff844" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-27T01:21:54+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1592", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "delete Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:21:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793a3a6990867", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1721", + "self_link": null, + "uid": "35b32f39-dadc-4f42-92c7-76d4bc9322e5" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1682", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "StatefulSet acto-namespace/test-cluster-tidb is recreating failed Pod test-cluster-tidb-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793aafe412a6f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1722", + "self_link": null, + "uid": "2bf310e0-0784-40de-a318-9ad1757b4e93" + }, + "reason": "RecreatingFailedPod", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1701", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "delete Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb failed error: pods \"test-cluster-tidb-2\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793ab124d334a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1723", + "self_link": null, + "uid": "b6086da5-9719-46f5-a776-efc953336ef9" + }, + "reason": "FailedDelete", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1096", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f1563d7ab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1220", + "self_link": null, + "uid": "b33609ca-2180-47bf-9f89-a5b5939e2142" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f338bbba6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1246", + "self_link": null, + "uid": "bc42e495-58d6-4115-8ac5-87a9b4a471f5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f34d203b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "80bacca9-60d6-4176-b6a9-b3fa384d925b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3b4b3c60", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "3c31e1da-664a-44e4-87e9-e65d7cf45b51" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3b507234", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "d44e9bd5-188b-4ed0-a1fa-a62b8d9e4500" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:27+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3c547f8a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1252", + "self_link": null, + "uid": "9035dbda-7fb9-4de4-81ab-e6c23f514684" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:27+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f42e43538", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1253", + "self_link": null, + "uid": "a152ff66-323d-48f9-beec-e55197e2fb89" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1104", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938eda2a61fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1176", + "self_link": null, + "uid": "0463f690-1dd7-4fad-806f-8a69ecb34cb1" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938ef5050c72", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1205", + "self_link": null, + "uid": "dd4a712e-21f6-454a-a713-9bc741f43fa4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938ef601720d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1207", + "self_link": null, + "uid": "d32f74d7-cb1c-4120-84cb-c3a3cce1bfac" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efb2c6424", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1209", + "self_link": null, + "uid": "96ecec4f-90df-4372-a6d4-76db6acba939" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efb32e67b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1211", + "self_link": null, + "uid": "41a8db24-c0ed-4148-ae38-d10208560d2a" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efc6dbba0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "113e1a56-a068-4b14-b752-8a245cfe80d7" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938f018bf99b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1216", + "self_link": null, + "uid": "10bfc8b3-c943-4a18-93f2-20fe5254fb0c" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1105", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938eda505013", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1177", + "self_link": null, + "uid": "0fd091de-ad3c-4af8-9a8b-c6fb8e720321" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938ef4f1c233", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1204", + "self_link": null, + "uid": "9732e420-9792-4c51-b55c-d7a2e738ff0c" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938ef6014ea5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1206", + "self_link": null, + "uid": "e0710cfd-0271-4af7-8b1d-14fb8e605fbd" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efb2d54d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1210", + "self_link": null, + "uid": "ff6663bc-a414-42ac-bf11-f1bdc29b68e8" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efb369687", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "e38f9d00-6f20-4214-93d3-1ddb141799ff" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efc5fdae4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1213", + "self_link": null, + "uid": "e0c8c664-847b-4136-af74-b46d13981566" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938f019c65a4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1217", + "self_link": null, + "uid": "09f60d89-5169-4f60-b47d-ca02bc3cced1" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-0 Pod test-cluster-tikv-0 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26093aff", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1094", + "self_link": null, + "uid": "77a320ca-9a8c-4f97-a049-c2645f731417" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-0 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e263a792c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1098", + "self_link": null, + "uid": "1dc470e2-ec1d-4950-a26f-76ac7fbc0197" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-2 Pod test-cluster-tikv-2 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e266aaaf6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1102", + "self_link": null, + "uid": "e8ef4fe5-2487-4b40-8256-1885a3174bf3" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-1 Pod test-cluster-tikv-1 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e266ae1e0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1107", + "self_link": null, + "uid": "1958e536-4c54-4571-a229-b5e5c3af998c" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-1 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26e2599d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1112", + "self_link": null, + "uid": "4e0f202a-3c2e-473d-a8c3-c63bc5675d86" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-2 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26ef465d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1116", + "self_link": null, + "uid": "97bce85e-b38b-4e06-9c31-4e6daec7f789" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Role/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e6fe1841", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "850", + "self_link": null, + "uid": "d1153126-7b8a-4905-9a2a-18f4f006157d" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create ServiceAccount/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e72b4b95", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "851", + "self_link": null, + "uid": "d9f054b1-5798-4859-b3ee-b5c986acb40f" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create RoleBinding/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e7c2be3c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "853", + "self_link": null, + "uid": "4ed8ddb4-b194-4db7-8959-e5358e822d8d" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Deployment/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e80b74bc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "855", + "self_link": null, + "uid": "056cfa64-e9c0-47e1-8e2a-53390fa15cbe" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e88f80ac", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "861", + "self_link": null, + "uid": "8f877bf5-4025-476a-bff6-eaf3bfab14fb" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service test-cluster-pd in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e9d43701", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "874", + "self_link": null, + "uid": "8cd414ea-06a7-41f4-a4a5-4a89d9f4455b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service test-cluster-pd-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388ea6c9b18", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "879", + "self_link": null, + "uid": "7a3fbfcc-9b78-433d-b846-bf8ddd889320" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create ConfigMap/test-cluster-pd-3731616 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388eae13d40", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "880", + "self_link": null, + "uid": "f1922fb7-999a-447a-a263-41237abd9edb" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create StatefulSet test-cluster-pd in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster.17b79388eb7661c1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "929", + "self_link": null, + "uid": "f257f95f-cb87-4d88-a892-22d2dcf6aa60" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a00a53dfc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "4f05f19b-51a0-41a5-b8d3-42010ccfda5b" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-6e74bcf6-9557-43e9-975d-c258e0774be5 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a00e9c1bf", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1018", + "self_link": null, + "uid": "86f0e3a9-67c0-4709-b87e-7fde20e1068e" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a01b33691", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1025", + "self_link": null, + "uid": "332f6656-3f92-4389-812b-7de699cf2ea1" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Service test-cluster-tikv-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e2536098f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1085", + "self_link": null, + "uid": "6614bee4-0758-4cd3-b354-6a20a7bdffe6" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create ConfigMap/test-cluster-tikv-3831336 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e255f3e2e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1088", + "self_link": null, + "uid": "c75c89a6-d407-4f98-a6c9-56990e9b2db2" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create StatefulSet test-cluster-tikv in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e25915b5c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1090", + "self_link": null, + "uid": "326addc5-8efa-43dd-a011-63c6f4aac654" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1132", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "patch PV pvc-4c76d8f3-3a67-412e-875b-dae964805d9f in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster.17b7938ee7768479", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1191", + "self_link": null, + "uid": "9089839a-3aae-405a-835e-89055e563b62" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1132", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "patch PV pvc-36ffe414-4968-4c09-977a-799a62b46134 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster.17b7938ee7a92c24", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1193", + "self_link": null, + "uid": "25ad7962-2cd5-4fb1-a7fd-31560c157dff" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1196", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "patch PV pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster.17b7938f192d7eb0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "d664759b-d6f1-45e0-b371-a58626ae85f6" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Service test-cluster-tidb-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b7939522422f7f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1328", + "self_link": null, + "uid": "42b87236-9ae6-46c7-ac5a-7c2ded1c2dbf" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Service test-cluster-tidb in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b7939522d7ca82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1335", + "self_link": null, + "uid": "7b1a3adc-4975-46c0-8081-006f50546121" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create ConfigMap/test-cluster-tidb-6662316 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b793952310eb7c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1336", + "self_link": null, + "uid": "4da22bf8-763d-48d7-b40f-3d971c6b90f2" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create StatefulSet test-cluster-tidb in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b79395235139f8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1338", + "self_link": null, + "uid": "690663af-229f-4973-80c8-d08287f45821" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "683", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Successfully assigned acto-namespace/tidb-controller-manager-557c4dfc97-7cn54 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381c28e1d3e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "694", + "self_link": null, + "uid": "69b39543-6ac4-474d-97a6-2ffcd89960ae" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381f31bf100", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "703", + "self_link": null, + "uid": "bdb1507f-1ef4-43e0-adef-cd025e9d9999" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381f5221b31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "705", + "self_link": null, + "uid": "eecc9382-c45f-45c1-913e-b1e24feef0ca" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Started container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381fecb40a5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "707", + "self_link": null, + "uid": "d421a566-e8dd-4edb-a641-45aa286e5dce" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Stopping container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b793833f242946", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "779", + "self_link": null, + "uid": "30ee6997-c5d1-4e9e-a856-0f69b161d829" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-557c4dfc97", + "namespace": "acto-namespace", + "resource_version": "678", + "uid": "9180745c-6c23-4a06-a200-47a31555f8ce" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created pod: tidb-controller-manager-557c4dfc97-7cn54", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97.17b79381c2558677", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "687", + "self_link": null, + "uid": "00f5807c-5093-4833-b382-d1754c3d5297" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-557c4dfc97", + "namespace": "acto-namespace", + "resource_version": "774", + "uid": "9180745c-6c23-4a06-a200-47a31555f8ce" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Deleted pod: tidb-controller-manager-557c4dfc97-7cn54", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97.17b793833f1f6637", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "778", + "self_link": null, + "uid": "05f1fb77-fe6c-40c0-a01e-2e70869edd5d" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "733", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Successfully assigned acto-namespace/tidb-controller-manager-7b6bdb846c-75s8q to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b79382f0ef9d5d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "739", + "self_link": null, + "uid": "abb007ec-30c8-44bf-ba8d-ee8d162898fa" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b793830dbfd9db", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "760", + "self_link": null, + "uid": "351f136c-c251-425c-a0d5-198a76e5f8c4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b79383103b9d93", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "762", + "self_link": null, + "uid": "189bf675-5df0-4040-8e95-441bf2769244" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Started container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b7938315b8e0ae", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "764", + "self_link": null, + "uid": "ddad3e10-12d8-4f8d-8402-e9618638303a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "namespace": "acto-namespace", + "resource_version": "730", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created pod: tidb-controller-manager-7b6bdb846c-75s8q", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c.17b79382f0b85ff8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "735", + "self_link": null, + "uid": "438f5cb3-56de-4997-aaa9-1a2bdd39ee57" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "677", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Scaled up replica set tidb-controller-manager-557c4dfc97 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager.17b79381c2020862", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "680", + "self_link": null, + "uid": "8c975d09-3a93-447f-a68d-a1750538a27c" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "729", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Scaled up replica set tidb-controller-manager-7b6bdb846c to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager.17b79382f089349d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "732", + "self_link": null, + "uid": "77e5954f-a6cd-4bbe-ada7-a4ae06c953fe" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "745", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Scaled down replica set tidb-controller-manager-557c4dfc97 to 0 from 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager.17b793833ee02683", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "775", + "self_link": null, + "uid": "dc4f188e-ae44-4d36-8be6-1d6b8b4637f4" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "746", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Successfully assigned acto-namespace/tidb-scheduler-77874455fc-dxfhz to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b79382f1bab450", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "751", + "self_link": null, + "uid": "76105014-dc43-4da9-837f-63321a24daf4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b793830d91d436", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "df3dc8ab-add8-4fcb-8251-1e7b66c0f09f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938310187511", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "761", + "self_link": null, + "uid": "3563840d-22c3-4d0b-b94d-134320807e14" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Started container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938318eabb82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "765", + "self_link": null, + "uid": "c4fb5270-327b-4d1a-af07-c21b490be25a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Pulling image \"k8s.gcr.io/kube-scheduler:v1.22.9\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938318f2ca88", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "766", + "self_link": null, + "uid": "10a53c7a-7c7e-4a6d-a9d5-80392239ad02" + }, + "reason": "Pulling", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Successfully pulled image \"k8s.gcr.io/kube-scheduler:v1.22.9\" in 1.455s (1.455s including waiting)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b793836fad6d59", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "784", + "self_link": null, + "uid": "601a8526-4199-4231-a569-ec42d57166c2" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Created container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938370ac20c5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "786", + "self_link": null, + "uid": "23293e52-71f2-4aba-ba42-803e422c5e73" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Started container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938376bc6e76", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "787", + "self_link": null, + "uid": "83973356-a659-4c38-8c6d-9a447f166c92" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "namespace": "acto-namespace", + "resource_version": "742", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created pod: tidb-scheduler-77874455fc-dxfhz", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc.17b79382f17cefc8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "748", + "self_link": null, + "uid": "b2e2b420-148c-41ac-8439-7136dd7f8ed1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "685", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Successfully assigned acto-namespace/tidb-scheduler-9cbd6945f-8qz6m to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381c2aeebc2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "698", + "self_link": null, + "uid": "081dfeb2-aba1-401b-9113-ba441134f1cc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381f329a917", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "704", + "self_link": null, + "uid": "80e38923-172c-4048-bdff-743580034687" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381f534e7ac", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "706", + "self_link": null, + "uid": "c34387bc-b1f6-4183-89e0-52dd5b64663f" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Started container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381fedf92fb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "708", + "self_link": null, + "uid": "28676b59-cf5d-4b20-b3b9-0b1c12a57deb" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Pulling image \"k8s.gcr.io/kube-scheduler:v1.22.9\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381feec63af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "709", + "self_link": null, + "uid": "470165b6-c4b9-4dff-a92f-4eab2e11ba16" + }, + "reason": "Pulling", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Successfully pulled image \"k8s.gcr.io/kube-scheduler:v1.22.9\" in 1.318s (1.318s including waiting)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b793824d7bc8c6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "717", + "self_link": null, + "uid": "1387368b-2cf6-4356-bfad-199112e0abc4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Created container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b793824e8eae31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "d218df26-0c9e-4f80-84ff-6282d7072e35" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Started container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b7938257e3c299", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "719", + "self_link": null, + "uid": "d488ad29-de1a-4eeb-ab1e-d03803e3379f" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Stopping container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79383ac8e41e0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "799", + "self_link": null, + "uid": "f04403ab-a7e4-4eda-bdcf-ea4d070f402d" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Stopping container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79383ac8f11c6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "801", + "self_link": null, + "uid": "af6113a7-3b4d-4a4c-b3f7-c469abf9d11a" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-9cbd6945f", + "namespace": "acto-namespace", + "resource_version": "682", + "uid": "f692c4ab-ad60-4ebc-a2dc-e0dbbe13e0dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created pod: tidb-scheduler-9cbd6945f-8qz6m", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f.17b79381c27813d8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "693", + "self_link": null, + "uid": "f03b16cd-0651-4742-abe7-335db9507fa0" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-9cbd6945f", + "namespace": "acto-namespace", + "resource_version": "794", + "uid": "f692c4ab-ad60-4ebc-a2dc-e0dbbe13e0dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Deleted pod: tidb-scheduler-9cbd6945f-8qz6m", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f.17b79383ac86ee05", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "b36f6ad9-bafe-44b8-9a8e-21a260f97113" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "679", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Scaled up replica set tidb-scheduler-9cbd6945f to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler.17b79381c2416642", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "684", + "self_link": null, + "uid": "673a9351-dfcd-41cd-bffd-ba681663237f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "738", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Scaled up replica set tidb-scheduler-77874455fc to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler.17b79382f143e7b4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "744", + "self_link": null, + "uid": "5478cb68-49c6-4f25-9772-d4d1297a6b19" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "755", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Scaled down replica set tidb-scheduler-9cbd6945f to 0 from 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler.17b79383ac5ae688", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "795", + "self_link": null, + "uid": "525c03fa-f30a-4afd-a5b3-56e8b460843b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1093", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e260950e7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1095", + "self_link": null, + "uid": "64438c94-efc5-4c6b-983f-e57e09c77c2e" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e26e1f133", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1108", + "self_link": null, + "uid": "4bb3c423-b6b0-404b-a169-39a8fcbeb51f" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e26fb3ebf", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1111", + "self_link": null, + "uid": "e2f01bd9-f947-416c-8aa5-d4ee0d0371e5" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully provisioned volume pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938ef1b29926", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1215", + "self_link": null, + "uid": "fb8fe91f-c554-4501-82ba-70a3ace2096c" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1099", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e266f2208", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1106", + "self_link": null, + "uid": "8fb7b579-61fe-4131-a82a-3c04473529f9" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e275074f3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1119", + "self_link": null, + "uid": "ba852644-d68d-4b80-9a61-1ca19a18cf4c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e2780dd91", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "2266c434-7103-412a-9c93-d6d8b220bd3c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:24+00:00", + "message": "Successfully provisioned volume pvc-36ffe414-4968-4c09-977a-799a62b46134", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938ec209f5d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1172", + "self_link": null, + "uid": "5dcdfa01-3356-4b05-8a93-6d204d05f22d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1097", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e266e04ca", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1101", + "self_link": null, + "uid": "e6a4065b-4d06-493a-ba52-02dc77f9a968" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e276fb066", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1126", + "self_link": null, + "uid": "fd23a2cf-12a1-4149-9aac-f21972472316" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e27868fb7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1125", + "self_link": null, + "uid": "ad158bde-6068-4573-a300-e072514d7732" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:24+00:00", + "message": "Successfully provisioned volume pvc-4c76d8f3-3a67-412e-875b-dae964805d9f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938eab1b1a44", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1159", + "self_link": null, + "uid": "36da393b-2b91-4e6b-bd00-27bef8238dbb" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "3791", + "self_link": null + } +} diff --git a/docs/alarm_examples/misoperation/events-000.json b/docs/alarm_examples/misoperation/events-000.json new file mode 100644 index 0000000000..eb31cdb14c --- /dev/null +++ b/docs/alarm_examples/misoperation/events-000.json @@ -0,0 +1,11000 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "887", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388ec975231", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "893", + "self_link": null, + "uid": "7692a623-a1f3-4fa6-b1e1-acfb0465a5f9" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388eddd4b8d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "907", + "self_link": null, + "uid": "2a3f90a4-a6c0-4fed-9419-a50c4187f854" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388eeb853b0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "911", + "self_link": null, + "uid": "dc4c5f1d-cf00-4052-bdc2-72ea5a533a4c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:02+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:02+00:00", + "message": "Successfully provisioned volume pvc-6e74bcf6-9557-43e9-975d-c258e0774be5", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:02+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79389a3f8a69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "970", + "self_link": null, + "uid": "f6f0dbe6-cefd-42af-be0b-5c1280b014a7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "891", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388ed57f4fb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "898", + "self_link": null, + "uid": "6a7920b6-8051-4c87-83b1-e9c7ac579207" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388eed13cb8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "920", + "self_link": null, + "uid": "c1eacb59-48bc-4fcc-b031-1baf1f321f9a" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388ef19449a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "915", + "self_link": null, + "uid": "1ab4d84f-0ca7-406e-a1b3-0a45d2c37c12" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully provisioned volume pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79389d09ca68a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "990", + "self_link": null, + "uid": "8e007679-a668-474e-9512-fcf90dab5019" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "892", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388ed590aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "904", + "self_link": null, + "uid": "bcacad43-3460-4b97-b472-b8c38e58bd82" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388eed553c1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "914", + "self_link": null, + "uid": "84745bd3-558c-4e5f-8e4e-fe4cbf939aa5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388ef1fc895", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "918", + "self_link": null, + "uid": "7ed22656-c385-4924-9988-1f53d1086d55" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully provisioned volume pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79389b0998849", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "977", + "self_link": null, + "uid": "6fe3725f-efa1-46da-86a1-d94e5b77c057" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "865", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-discovery-689d8466cb-rkhsw to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b79388ea25f7af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "875", + "self_link": null, + "uid": "d4bcad3a-7602-490a-bb7e-cb56c8a2764c" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b793890852b695", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "935", + "self_link": null, + "uid": "5eb8f029-72f1-473b-a597-12c498b5af85" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Created container discovery", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b793890bf7c0f0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "938", + "self_link": null, + "uid": "348db08c-2252-4563-9b9e-99b74f8a33f0" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Started container discovery", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b7938914e6d051", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "940", + "self_link": null, + "uid": "0e1a419d-d8a3-4f9e-8a6d-8e576a8b9cf1" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "namespace": "acto-namespace", + "resource_version": "856", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Created pod: test-cluster-discovery-689d8466cb-rkhsw", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb.17b79388e989cb9b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "869", + "self_link": null, + "uid": "ef21c4c1-e0fc-44e6-a602-0c4ec3d34e15" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "resource_version": "854", + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Scaled up replica set test-cluster-discovery-689d8466cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery.17b79388e86c8336", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "859", + "self_link": null, + "uid": "0f1a8fdb-a0bf-457b-93fa-7a9729b48068" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "889", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-0 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389dc3a67ca", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "cee61977-3af9-4af4-829d-d99e118b98cf" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389f61aadab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1183", + "self_link": null, + "uid": "e08a1391-e215-4b84-983a-739362c76e6f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389f7767600", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1189", + "self_link": null, + "uid": "948f7f70-f8b7-46a1-b06f-b0812abe14f7" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389fcfb7885", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1197", + "self_link": null, + "uid": "4a93eed7-a4f0-45a7-9a3b-0266fcfa32ff" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "896", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389dd2a3a82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "2acbb8db-1b5e-42b8-9413-76899f88e3ea" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389f639d7a1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1000", + "self_link": null, + "uid": "3274dc44-7802-4b4d-9b23-1708badee316" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389f7a8aacc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1003", + "self_link": null, + "uid": "40e51a88-3e86-4d5e-b845-70f5d710e46f" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389fd0a5101", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1007", + "self_link": null, + "uid": "72354dc0-df2a-43c7-92c5-e0f78fb6eaf9" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "897", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389dd25b56d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "994", + "self_link": null, + "uid": "36300ac1-8f91-42ce-8ccb-197c04286b9e" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389f630c7af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "cbf51387-c4c1-472b-87c3-a8e9e605e82f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389f793d91f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1002", + "self_link": null, + "uid": "49cbd93f-5282-4ee5-bfd5-018cbdc5e89b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389fcf62246", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1005", + "self_link": null, + "uid": "7a670268-099d-439b-a23b-7c0d48da2ae6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-0 Pod test-cluster-pd-0 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ec958bd5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "28201e3a-31da-40b5-8490-011b2928f443" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-0 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed0eec08", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "890", + "self_link": null, + "uid": "2f2d2edf-e4ef-4c60-a256-b18254a2b334" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-1 Pod test-cluster-pd-1 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed5820c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "895", + "self_link": null, + "uid": "d84feaef-78b8-479a-a850-1f2f1e932f30" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-2 Pod test-cluster-pd-2 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed5823d8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "900", + "self_link": null, + "uid": "8c7aa465-b0b5-4380-a84b-84e37a1eba1d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-1 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388edadbb00", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "905", + "self_link": null, + "uid": "5d73b74d-2a17-4242-a5ab-09ed122b2b1b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-2 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388edae04c7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "908", + "self_link": null, + "uid": "6fefadac-e79d-4ccf-8a64-263ace5084c9" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1341", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-0 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939524337fda", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1350", + "self_link": null, + "uid": "6432d4b6-fdf1-4b3d-ad3d-d0c99a8ce0ec" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b79395409f5daa", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1364", + "self_link": null, + "uid": "4f5de4f8-fab3-4d60-bff4-5c6fc6eb8a62" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954192e9a0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1368", + "self_link": null, + "uid": "cc70bfd0-c915-4375-a1a2-b43cb230cc11" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954950a9a9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1372", + "self_link": null, + "uid": "579de100-2070-4417-bf19-522dacc5fb1a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939549576e68", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1374", + "self_link": null, + "uid": "0268a10d-712e-4555-93a6-7740b95f3b78" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954a763c6a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1379", + "self_link": null, + "uid": "f3c8ccc9-c3cd-4f16-a10d-c82fd88cff3b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939550c18dd3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1380", + "self_link": null, + "uid": "b325fc76-7986-4636-9023-bb3ea419be96" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1345", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395248fe30d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "35bfbd61-d0c2-4fae-80a4-e85425afe7a5" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939540a119b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "c414f161-9aab-4fff-b694-f311d7f4fc88" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939541836638", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1367", + "self_link": null, + "uid": "faf54f40-d6fb-4b7e-b974-96ff859c34ff" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939549875930", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1375", + "self_link": null, + "uid": "52d4653e-9c3c-4423-9368-a1a10f9dda0c" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395498c5e26", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1376", + "self_link": null, + "uid": "486b8f2f-c7cd-4578-a123-3ee874e8bd89" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b793954a6771e3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1378", + "self_link": null, + "uid": "a979655b-455e-4283-8073-eac29b052c7c" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395516eafcd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1382", + "self_link": null, + "uid": "7dd16cef-6290-4ed1-bad9-51041f1950ec" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1346", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939524a9b36f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1358", + "self_link": null, + "uid": "fd4ed1cf-1e9e-4645-9338-8210e37afbbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939540a1aae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1366", + "self_link": null, + "uid": "2b667dda-9fde-43c4-abf7-c1edb10833a8" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793954192ab0e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1369", + "self_link": null, + "uid": "0228ee79-ad66-4e62-992d-625dbe8bce44" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b79395491b8b31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1371", + "self_link": null, + "uid": "68a92cf7-2e68-4655-b4c0-5a19e5a30dbf" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b79395492413f7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1373", + "self_link": null, + "uid": "c8665f32-2543-4c25-8c0a-17ac610c9888" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793954a5843eb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1377", + "self_link": null, + "uid": "d77706c6-b198-4511-b169-ff7bac72705c" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939550cf1132", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1381", + "self_link": null, + "uid": "4acfb5cd-a5ec-4ac1-8aac-3a8d26b69818" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-0 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b7939523f6ddc4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1343", + "self_link": null, + "uid": "53072102-fc7f-426c-b778-284e9913d834" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-1 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b7939524339fab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1348", + "self_link": null, + "uid": "098b3e5d-5832-4a18-93b2-ff3d28e51bcc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b793952455ebb2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1353", + "self_link": null, + "uid": "0106d653-753e-42fb-8031-341c44eff844" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1096", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f1563d7ab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1220", + "self_link": null, + "uid": "b33609ca-2180-47bf-9f89-a5b5939e2142" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f338bbba6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1246", + "self_link": null, + "uid": "bc42e495-58d6-4115-8ac5-87a9b4a471f5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f34d203b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "80bacca9-60d6-4176-b6a9-b3fa384d925b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3b4b3c60", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "3c31e1da-664a-44e4-87e9-e65d7cf45b51" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3b507234", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "d44e9bd5-188b-4ed0-a1fa-a62b8d9e4500" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:27+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3c547f8a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1252", + "self_link": null, + "uid": "9035dbda-7fb9-4de4-81ab-e6c23f514684" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:27+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f42e43538", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1253", + "self_link": null, + "uid": "a152ff66-323d-48f9-beec-e55197e2fb89" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1104", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938eda2a61fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1176", + "self_link": null, + "uid": "0463f690-1dd7-4fad-806f-8a69ecb34cb1" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938ef5050c72", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1205", + "self_link": null, + "uid": "dd4a712e-21f6-454a-a713-9bc741f43fa4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938ef601720d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1207", + "self_link": null, + "uid": "d32f74d7-cb1c-4120-84cb-c3a3cce1bfac" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efb2c6424", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1209", + "self_link": null, + "uid": "96ecec4f-90df-4372-a6d4-76db6acba939" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efb32e67b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1211", + "self_link": null, + "uid": "41a8db24-c0ed-4148-ae38-d10208560d2a" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efc6dbba0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "113e1a56-a068-4b14-b752-8a245cfe80d7" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938f018bf99b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1216", + "self_link": null, + "uid": "10bfc8b3-c943-4a18-93f2-20fe5254fb0c" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1105", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938eda505013", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1177", + "self_link": null, + "uid": "0fd091de-ad3c-4af8-9a8b-c6fb8e720321" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938ef4f1c233", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1204", + "self_link": null, + "uid": "9732e420-9792-4c51-b55c-d7a2e738ff0c" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938ef6014ea5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1206", + "self_link": null, + "uid": "e0710cfd-0271-4af7-8b1d-14fb8e605fbd" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efb2d54d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1210", + "self_link": null, + "uid": "ff6663bc-a414-42ac-bf11-f1bdc29b68e8" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efb369687", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "e38f9d00-6f20-4214-93d3-1ddb141799ff" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efc5fdae4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1213", + "self_link": null, + "uid": "e0c8c664-847b-4136-af74-b46d13981566" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938f019c65a4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1217", + "self_link": null, + "uid": "09f60d89-5169-4f60-b47d-ca02bc3cced1" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-0 Pod test-cluster-tikv-0 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26093aff", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1094", + "self_link": null, + "uid": "77a320ca-9a8c-4f97-a049-c2645f731417" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-0 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e263a792c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1098", + "self_link": null, + "uid": "1dc470e2-ec1d-4950-a26f-76ac7fbc0197" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-2 Pod test-cluster-tikv-2 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e266aaaf6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1102", + "self_link": null, + "uid": "e8ef4fe5-2487-4b40-8256-1885a3174bf3" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-1 Pod test-cluster-tikv-1 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e266ae1e0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1107", + "self_link": null, + "uid": "1958e536-4c54-4571-a229-b5e5c3af998c" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-1 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26e2599d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1112", + "self_link": null, + "uid": "4e0f202a-3c2e-473d-a8c3-c63bc5675d86" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-2 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26ef465d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1116", + "self_link": null, + "uid": "97bce85e-b38b-4e06-9c31-4e6daec7f789" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Role/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e6fe1841", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "850", + "self_link": null, + "uid": "d1153126-7b8a-4905-9a2a-18f4f006157d" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create ServiceAccount/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e72b4b95", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "851", + "self_link": null, + "uid": "d9f054b1-5798-4859-b3ee-b5c986acb40f" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create RoleBinding/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e7c2be3c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "853", + "self_link": null, + "uid": "4ed8ddb4-b194-4db7-8959-e5358e822d8d" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Deployment/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e80b74bc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "855", + "self_link": null, + "uid": "056cfa64-e9c0-47e1-8e2a-53390fa15cbe" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e88f80ac", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "861", + "self_link": null, + "uid": "8f877bf5-4025-476a-bff6-eaf3bfab14fb" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service test-cluster-pd in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e9d43701", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "874", + "self_link": null, + "uid": "8cd414ea-06a7-41f4-a4a5-4a89d9f4455b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service test-cluster-pd-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388ea6c9b18", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "879", + "self_link": null, + "uid": "7a3fbfcc-9b78-433d-b846-bf8ddd889320" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create ConfigMap/test-cluster-pd-3731616 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388eae13d40", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "880", + "self_link": null, + "uid": "f1922fb7-999a-447a-a263-41237abd9edb" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create StatefulSet test-cluster-pd in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster.17b79388eb7661c1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "929", + "self_link": null, + "uid": "f257f95f-cb87-4d88-a892-22d2dcf6aa60" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a00a53dfc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "4f05f19b-51a0-41a5-b8d3-42010ccfda5b" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-6e74bcf6-9557-43e9-975d-c258e0774be5 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a00e9c1bf", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1018", + "self_link": null, + "uid": "86f0e3a9-67c0-4709-b87e-7fde20e1068e" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a01b33691", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1025", + "self_link": null, + "uid": "332f6656-3f92-4389-812b-7de699cf2ea1" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Service test-cluster-tikv-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e2536098f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1085", + "self_link": null, + "uid": "6614bee4-0758-4cd3-b354-6a20a7bdffe6" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create ConfigMap/test-cluster-tikv-3831336 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e255f3e2e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1088", + "self_link": null, + "uid": "c75c89a6-d407-4f98-a6c9-56990e9b2db2" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create StatefulSet test-cluster-tikv in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e25915b5c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1090", + "self_link": null, + "uid": "326addc5-8efa-43dd-a011-63c6f4aac654" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1132", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "patch PV pvc-4c76d8f3-3a67-412e-875b-dae964805d9f in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster.17b7938ee7768479", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1191", + "self_link": null, + "uid": "9089839a-3aae-405a-835e-89055e563b62" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1132", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "patch PV pvc-36ffe414-4968-4c09-977a-799a62b46134 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster.17b7938ee7a92c24", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1193", + "self_link": null, + "uid": "25ad7962-2cd5-4fb1-a7fd-31560c157dff" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1196", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "patch PV pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster.17b7938f192d7eb0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "d664759b-d6f1-45e0-b371-a58626ae85f6" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Service test-cluster-tidb-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b7939522422f7f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1328", + "self_link": null, + "uid": "42b87236-9ae6-46c7-ac5a-7c2ded1c2dbf" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Service test-cluster-tidb in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b7939522d7ca82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1335", + "self_link": null, + "uid": "7b1a3adc-4975-46c0-8081-006f50546121" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create ConfigMap/test-cluster-tidb-6662316 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b793952310eb7c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1336", + "self_link": null, + "uid": "4da22bf8-763d-48d7-b40f-3d971c6b90f2" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create StatefulSet test-cluster-tidb in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b79395235139f8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1338", + "self_link": null, + "uid": "690663af-229f-4973-80c8-d08287f45821" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "683", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Successfully assigned acto-namespace/tidb-controller-manager-557c4dfc97-7cn54 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381c28e1d3e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "694", + "self_link": null, + "uid": "69b39543-6ac4-474d-97a6-2ffcd89960ae" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381f31bf100", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "703", + "self_link": null, + "uid": "bdb1507f-1ef4-43e0-adef-cd025e9d9999" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381f5221b31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "705", + "self_link": null, + "uid": "eecc9382-c45f-45c1-913e-b1e24feef0ca" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Started container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381fecb40a5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "707", + "self_link": null, + "uid": "d421a566-e8dd-4edb-a641-45aa286e5dce" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Stopping container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b793833f242946", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "779", + "self_link": null, + "uid": "30ee6997-c5d1-4e9e-a856-0f69b161d829" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-557c4dfc97", + "namespace": "acto-namespace", + "resource_version": "678", + "uid": "9180745c-6c23-4a06-a200-47a31555f8ce" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created pod: tidb-controller-manager-557c4dfc97-7cn54", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97.17b79381c2558677", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "687", + "self_link": null, + "uid": "00f5807c-5093-4833-b382-d1754c3d5297" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-557c4dfc97", + "namespace": "acto-namespace", + "resource_version": "774", + "uid": "9180745c-6c23-4a06-a200-47a31555f8ce" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Deleted pod: tidb-controller-manager-557c4dfc97-7cn54", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97.17b793833f1f6637", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "778", + "self_link": null, + "uid": "05f1fb77-fe6c-40c0-a01e-2e70869edd5d" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "733", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Successfully assigned acto-namespace/tidb-controller-manager-7b6bdb846c-75s8q to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b79382f0ef9d5d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "739", + "self_link": null, + "uid": "abb007ec-30c8-44bf-ba8d-ee8d162898fa" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b793830dbfd9db", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "760", + "self_link": null, + "uid": "351f136c-c251-425c-a0d5-198a76e5f8c4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b79383103b9d93", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "762", + "self_link": null, + "uid": "189bf675-5df0-4040-8e95-441bf2769244" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Started container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b7938315b8e0ae", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "764", + "self_link": null, + "uid": "ddad3e10-12d8-4f8d-8402-e9618638303a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "namespace": "acto-namespace", + "resource_version": "730", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created pod: tidb-controller-manager-7b6bdb846c-75s8q", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c.17b79382f0b85ff8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "735", + "self_link": null, + "uid": "438f5cb3-56de-4997-aaa9-1a2bdd39ee57" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "677", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Scaled up replica set tidb-controller-manager-557c4dfc97 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager.17b79381c2020862", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "680", + "self_link": null, + "uid": "8c975d09-3a93-447f-a68d-a1750538a27c" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "729", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Scaled up replica set tidb-controller-manager-7b6bdb846c to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager.17b79382f089349d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "732", + "self_link": null, + "uid": "77e5954f-a6cd-4bbe-ada7-a4ae06c953fe" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "745", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Scaled down replica set tidb-controller-manager-557c4dfc97 to 0 from 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager.17b793833ee02683", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "775", + "self_link": null, + "uid": "dc4f188e-ae44-4d36-8be6-1d6b8b4637f4" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "746", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Successfully assigned acto-namespace/tidb-scheduler-77874455fc-dxfhz to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b79382f1bab450", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "751", + "self_link": null, + "uid": "76105014-dc43-4da9-837f-63321a24daf4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b793830d91d436", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "df3dc8ab-add8-4fcb-8251-1e7b66c0f09f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938310187511", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "761", + "self_link": null, + "uid": "3563840d-22c3-4d0b-b94d-134320807e14" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Started container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938318eabb82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "765", + "self_link": null, + "uid": "c4fb5270-327b-4d1a-af07-c21b490be25a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Pulling image \"k8s.gcr.io/kube-scheduler:v1.22.9\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938318f2ca88", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "766", + "self_link": null, + "uid": "10a53c7a-7c7e-4a6d-a9d5-80392239ad02" + }, + "reason": "Pulling", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Successfully pulled image \"k8s.gcr.io/kube-scheduler:v1.22.9\" in 1.455s (1.455s including waiting)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b793836fad6d59", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "784", + "self_link": null, + "uid": "601a8526-4199-4231-a569-ec42d57166c2" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Created container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938370ac20c5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "786", + "self_link": null, + "uid": "23293e52-71f2-4aba-ba42-803e422c5e73" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Started container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938376bc6e76", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "787", + "self_link": null, + "uid": "83973356-a659-4c38-8c6d-9a447f166c92" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "namespace": "acto-namespace", + "resource_version": "742", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created pod: tidb-scheduler-77874455fc-dxfhz", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc.17b79382f17cefc8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "748", + "self_link": null, + "uid": "b2e2b420-148c-41ac-8439-7136dd7f8ed1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "685", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Successfully assigned acto-namespace/tidb-scheduler-9cbd6945f-8qz6m to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381c2aeebc2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "698", + "self_link": null, + "uid": "081dfeb2-aba1-401b-9113-ba441134f1cc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381f329a917", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "704", + "self_link": null, + "uid": "80e38923-172c-4048-bdff-743580034687" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381f534e7ac", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "706", + "self_link": null, + "uid": "c34387bc-b1f6-4183-89e0-52dd5b64663f" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Started container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381fedf92fb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "708", + "self_link": null, + "uid": "28676b59-cf5d-4b20-b3b9-0b1c12a57deb" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Pulling image \"k8s.gcr.io/kube-scheduler:v1.22.9\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381feec63af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "709", + "self_link": null, + "uid": "470165b6-c4b9-4dff-a92f-4eab2e11ba16" + }, + "reason": "Pulling", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Successfully pulled image \"k8s.gcr.io/kube-scheduler:v1.22.9\" in 1.318s (1.318s including waiting)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b793824d7bc8c6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "717", + "self_link": null, + "uid": "1387368b-2cf6-4356-bfad-199112e0abc4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Created container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b793824e8eae31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "d218df26-0c9e-4f80-84ff-6282d7072e35" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Started container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b7938257e3c299", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "719", + "self_link": null, + "uid": "d488ad29-de1a-4eeb-ab1e-d03803e3379f" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Stopping container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79383ac8e41e0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "799", + "self_link": null, + "uid": "f04403ab-a7e4-4eda-bdcf-ea4d070f402d" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Stopping container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79383ac8f11c6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "801", + "self_link": null, + "uid": "af6113a7-3b4d-4a4c-b3f7-c469abf9d11a" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-9cbd6945f", + "namespace": "acto-namespace", + "resource_version": "682", + "uid": "f692c4ab-ad60-4ebc-a2dc-e0dbbe13e0dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created pod: tidb-scheduler-9cbd6945f-8qz6m", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f.17b79381c27813d8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "693", + "self_link": null, + "uid": "f03b16cd-0651-4742-abe7-335db9507fa0" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-9cbd6945f", + "namespace": "acto-namespace", + "resource_version": "794", + "uid": "f692c4ab-ad60-4ebc-a2dc-e0dbbe13e0dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Deleted pod: tidb-scheduler-9cbd6945f-8qz6m", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f.17b79383ac86ee05", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "b36f6ad9-bafe-44b8-9a8e-21a260f97113" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "679", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Scaled up replica set tidb-scheduler-9cbd6945f to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler.17b79381c2416642", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "684", + "self_link": null, + "uid": "673a9351-dfcd-41cd-bffd-ba681663237f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "738", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Scaled up replica set tidb-scheduler-77874455fc to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler.17b79382f143e7b4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "744", + "self_link": null, + "uid": "5478cb68-49c6-4f25-9772-d4d1297a6b19" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "755", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Scaled down replica set tidb-scheduler-9cbd6945f to 0 from 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler.17b79383ac5ae688", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "795", + "self_link": null, + "uid": "525c03fa-f30a-4afd-a5b3-56e8b460843b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1093", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e260950e7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1095", + "self_link": null, + "uid": "64438c94-efc5-4c6b-983f-e57e09c77c2e" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e26e1f133", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1108", + "self_link": null, + "uid": "4bb3c423-b6b0-404b-a169-39a8fcbeb51f" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e26fb3ebf", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1111", + "self_link": null, + "uid": "e2f01bd9-f947-416c-8aa5-d4ee0d0371e5" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully provisioned volume pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938ef1b29926", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1215", + "self_link": null, + "uid": "fb8fe91f-c554-4501-82ba-70a3ace2096c" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1099", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e266f2208", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1106", + "self_link": null, + "uid": "8fb7b579-61fe-4131-a82a-3c04473529f9" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e275074f3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1119", + "self_link": null, + "uid": "ba852644-d68d-4b80-9a61-1ca19a18cf4c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e2780dd91", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "2266c434-7103-412a-9c93-d6d8b220bd3c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:24+00:00", + "message": "Successfully provisioned volume pvc-36ffe414-4968-4c09-977a-799a62b46134", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938ec209f5d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1172", + "self_link": null, + "uid": "5dcdfa01-3356-4b05-8a93-6d204d05f22d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1097", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e266e04ca", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1101", + "self_link": null, + "uid": "e6a4065b-4d06-493a-ba52-02dc77f9a968" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e276fb066", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1126", + "self_link": null, + "uid": "fd23a2cf-12a1-4149-9aac-f21972472316" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e27868fb7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1125", + "self_link": null, + "uid": "ad158bde-6068-4573-a300-e072514d7732" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:24+00:00", + "message": "Successfully provisioned volume pvc-4c76d8f3-3a67-412e-875b-dae964805d9f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938eab1b1a44", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1159", + "self_link": null, + "uid": "36da393b-2b91-4e6b-bd00-27bef8238dbb" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "1581", + "self_link": null + } +} diff --git a/docs/alarm_examples/misoperation/events-001.json b/docs/alarm_examples/misoperation/events-001.json new file mode 100644 index 0000000000..eadf98d9e5 --- /dev/null +++ b/docs/alarm_examples/misoperation/events-001.json @@ -0,0 +1,11482 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "887", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388ec975231", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "893", + "self_link": null, + "uid": "7692a623-a1f3-4fa6-b1e1-acfb0465a5f9" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388eddd4b8d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "907", + "self_link": null, + "uid": "2a3f90a4-a6c0-4fed-9419-a50c4187f854" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79388eeb853b0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "911", + "self_link": null, + "uid": "dc4c5f1d-cf00-4052-bdc2-72ea5a533a4c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:02+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "899", + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:02+00:00", + "message": "Successfully provisioned volume pvc-6e74bcf6-9557-43e9-975d-c258e0774be5", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:02+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + } + ], + "name": "pd-test-cluster-pd-0.17b79389a3f8a69c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "970", + "self_link": null, + "uid": "f6f0dbe6-cefd-42af-be0b-5c1280b014a7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "891", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388ed57f4fb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "898", + "self_link": null, + "uid": "6a7920b6-8051-4c87-83b1-e9c7ac579207" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388eed13cb8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "920", + "self_link": null, + "uid": "c1eacb59-48bc-4fcc-b031-1baf1f321f9a" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79388ef19449a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "915", + "self_link": null, + "uid": "1ab4d84f-0ca7-406e-a1b3-0a45d2c37c12" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "910", + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully provisioned volume pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "pd-test-cluster-pd-1.17b79389d09ca68a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "990", + "self_link": null, + "uid": "8e007679-a668-474e-9512-fcf90dab5019" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "892", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388ed590aa1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "904", + "self_link": null, + "uid": "bcacad43-3460-4b97-b472-b8c38e58bd82" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388eed553c1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "914", + "self_link": null, + "uid": "84745bd3-558c-4e5f-8e4e-fe4cbf939aa5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/pd-test-cluster-pd-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79388ef1fc895", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "918", + "self_link": null, + "uid": "7ed22656-c385-4924-9988-1f53d1086d55" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "909", + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully provisioned volume pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "pd-test-cluster-pd-2.17b79389b0998849", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "977", + "self_link": null, + "uid": "6fe3725f-efa1-46da-86a1-d94e5b77c057" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "865", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-discovery-689d8466cb-rkhsw to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b79388ea25f7af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "875", + "self_link": null, + "uid": "d4bcad3a-7602-490a-bb7e-cb56c8a2764c" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b793890852b695", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "935", + "self_link": null, + "uid": "5eb8f029-72f1-473b-a597-12c498b5af85" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Created container discovery", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b793890bf7c0f0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "938", + "self_link": null, + "uid": "348db08c-2252-4563-9b9e-99b74f8a33f0" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:00+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{discovery}", + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": "867", + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:00+00:00", + "message": "Started container discovery", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw.17b7938914e6d051", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "940", + "self_link": null, + "uid": "0e1a419d-d8a3-4f9e-8a6d-8e576a8b9cf1" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "namespace": "acto-namespace", + "resource_version": "856", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Created pod: test-cluster-discovery-689d8466cb-rkhsw", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb.17b79388e989cb9b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "869", + "self_link": null, + "uid": "ef21c4c1-e0fc-44e6-a602-0c4ec3d34e15" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "resource_version": "854", + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "Scaled up replica set test-cluster-discovery-689d8466cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery.17b79388e86c8336", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "859", + "self_link": null, + "uid": "0f1a8fdb-a0bf-457b-93fa-7a9729b48068" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "889", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-0 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389dc3a67ca", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "cee61977-3af9-4af4-829d-d99e118b98cf" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389f61aadab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1183", + "self_link": null, + "uid": "e08a1391-e215-4b84-983a-739362c76e6f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389f7767600", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1189", + "self_link": null, + "uid": "948f7f70-f8b7-46a1-b06f-b0812abe14f7" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": "988", + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-pd-0.17b79389fcfb7885", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1197", + "self_link": null, + "uid": "4a93eed7-a4f0-45a7-9a3b-0266fcfa32ff" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "896", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389dd2a3a82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "2acbb8db-1b5e-42b8-9413-76899f88e3ea" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389f639d7a1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1000", + "self_link": null, + "uid": "3274dc44-7802-4b4d-9b23-1708badee316" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389f7a8aacc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1003", + "self_link": null, + "uid": "40e51a88-3e86-4d5e-b845-70f5d710e46f" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": "992", + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-1.17b79389fd0a5101", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1007", + "self_link": null, + "uid": "72354dc0-df2a-43c7-92c5-e0f78fb6eaf9" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:03+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "897", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:03+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-pd-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389dd25b56d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "994", + "self_link": null, + "uid": "36300ac1-8f91-42ce-8ccb-197c04286b9e" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Container image \"pingcap/pd:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389f630c7af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "cbf51387-c4c1-472b-87c3-a8e9e605e82f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Created container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389f793d91f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1002", + "self_link": null, + "uid": "49cbd93f-5282-4ee5-bfd5-018cbdc5e89b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{pd}", + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": "993", + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "Started container pd", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster-pd-2.17b79389fcf62246", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1005", + "self_link": null, + "uid": "7a670268-099d-439b-a23b-7c0d48da2ae6" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-0 Pod test-cluster-pd-0 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ec958bd5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "888", + "self_link": null, + "uid": "28201e3a-31da-40b5-8490-011b2928f443" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-0 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed0eec08", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "890", + "self_link": null, + "uid": "2f2d2edf-e4ef-4c60-a256-b18254a2b334" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-1 Pod test-cluster-pd-1 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed5820c2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "895", + "self_link": null, + "uid": "d84feaef-78b8-479a-a850-1f2f1e932f30" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Claim pd-test-cluster-pd-2 Pod test-cluster-pd-2 in StatefulSet test-cluster-pd success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388ed5823d8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "900", + "self_link": null, + "uid": "8c7aa465-b0b5-4380-a84b-84e37a1eba1d" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-1 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388edadbb00", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "905", + "self_link": null, + "uid": "5d73b74d-2a17-4242-a5ab-09ed122b2b1b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "resource_version": "883", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Pod test-cluster-pd-2 in StatefulSet test-cluster-pd successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd.17b79388edae04c7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "908", + "self_link": null, + "uid": "6fefadac-e79d-4ccf-8a64-263ace5084c9" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1341", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-0 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939524337fda", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1350", + "self_link": null, + "uid": "6432d4b6-fdf1-4b3d-ad3d-d0c99a8ce0ec" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b79395409f5daa", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1364", + "self_link": null, + "uid": "4f5de4f8-fab3-4d60-bff4-5c6fc6eb8a62" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954192e9a0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1368", + "self_link": null, + "uid": "cc70bfd0-c915-4375-a1a2-b43cb230cc11" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954950a9a9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1372", + "self_link": null, + "uid": "579de100-2070-4417-bf19-522dacc5fb1a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939549576e68", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1374", + "self_link": null, + "uid": "0268a10d-712e-4555-93a6-7740b95f3b78" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b793954a763c6a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1379", + "self_link": null, + "uid": "f3c8ccc9-c3cd-4f16-a10d-c82fd88cff3b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": "1344", + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-0.17b7939550c18dd3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1380", + "self_link": null, + "uid": "b325fc76-7986-4636-9023-bb3ea419be96" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1345", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-1 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395248fe30d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "35bfbd61-d0c2-4fae-80a4-e85425afe7a5" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939540a119b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "c414f161-9aab-4fff-b694-f311d7f4fc88" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939541836638", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1367", + "self_link": null, + "uid": "faf54f40-d6fb-4b7e-b974-96ff859c34ff" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b7939549875930", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1375", + "self_link": null, + "uid": "52d4653e-9c3c-4423-9368-a1a10f9dda0c" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395498c5e26", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1376", + "self_link": null, + "uid": "486b8f2f-c7cd-4578-a123-3ee874e8bd89" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b793954a6771e3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1378", + "self_link": null, + "uid": "a979655b-455e-4283-8073-eac29b052c7c" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": "1349", + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-1.17b79395516eafcd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1382", + "self_link": null, + "uid": "7dd16cef-6290-4ed1-bad9-51041f1950ec" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1346", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tidb-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939524a9b36f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1358", + "self_link": null, + "uid": "fd4ed1cf-1e9e-4645-9338-8210e37afbbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939540a1aae7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1366", + "self_link": null, + "uid": "2b667dda-9fde-43c4-abf7-c1edb10833a8" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Created container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793954192ab0e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1369", + "self_link": null, + "uid": "0228ee79-ad66-4e62-992d-625dbe8bce44" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Started container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-2.17b79395491b8b31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1371", + "self_link": null, + "uid": "68a92cf7-2e68-4655-b4c0-5a19e5a30dbf" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "Container image \"pingcap/tidb:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b79395492413f7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1373", + "self_link": null, + "uid": "c8665f32-2543-4c25-8c0a-17ac610c9888" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Created container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793954a5843eb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1377", + "self_link": null, + "uid": "d77706c6-b198-4511-b169-ff7bac72705c" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:53+00:00", + "message": "Started container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-2.17b7939550cf1132", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1381", + "self_link": null, + "uid": "4acfb5cd-a5ec-4ac1-8aac-3a8d26b69818" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:21:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{slowlog}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:21:54+00:00", + "message": "Stopping container slowlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:21:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793a3a69edd1e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1599", + "self_link": null, + "uid": "e4cffb00-294e-4575-9f3b-d85b45dcf55c" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:21:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:21:54+00:00", + "message": "Stopping container tidb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:21:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793a3a6a177d9", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1600", + "self_link": null, + "uid": "211e1c2f-99b5-449e-8e2c-cd3c5dc70f27" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:02+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb}", + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1351", + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:22+00:00", + "message": "Readiness probe failed: dial tcp 10.244.3.8:4000: connect: connection refused", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:02+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:22+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793a5849ceece", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1678", + "self_link": null, + "uid": "09ad9f0c-ffa0-4272-b3c5-7f0fa0bde1f6" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": "1725", + "uid": "2e5d49fd-c5d9-4a8f-b18f-3a0d431c120c" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:27:44+00:00", + "message": "0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) didn't match Pod's node affinity/selector. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:27:44+00:00" + } + ], + "name": "test-cluster-tidb-2.17b793ab12e2d03d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "2437", + "self_link": null, + "uid": "9d583810-173c-4fc3-b645-bbf90534be36" + }, + "reason": "FailedScheduling", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-0 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b7939523f6ddc4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1343", + "self_link": null, + "uid": "53072102-fc7f-426c-b778-284e9913d834" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Pod test-cluster-tidb-1 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb.17b7939524339fab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1348", + "self_link": null, + "uid": "098b3e5d-5832-4a18-93b2-ff3d28e51bcc" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1337", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "create Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793952455ebb2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1727", + "self_link": null, + "uid": "0106d653-753e-42fb-8031-341c44eff844" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-27T01:21:54+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1592", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "delete Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:21:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793a3a6990867", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1721", + "self_link": null, + "uid": "35b32f39-dadc-4f42-92c7-76d4bc9322e5" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1682", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "StatefulSet acto-namespace/test-cluster-tidb is recreating failed Pod test-cluster-tidb-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793aafe412a6f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1722", + "self_link": null, + "uid": "2bf310e0-0784-40de-a318-9ad1757b4e93" + }, + "reason": "RecreatingFailedPod", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:22:26+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "resource_version": "1701", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:22:26+00:00", + "message": "delete Pod test-cluster-tidb-2 in StatefulSet test-cluster-tidb failed error: pods \"test-cluster-tidb-2\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb.17b793ab124d334a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1723", + "self_link": null, + "uid": "b6086da5-9719-46f5-a776-efc953336ef9" + }, + "reason": "FailedDelete", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1096", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f1563d7ab", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1220", + "self_link": null, + "uid": "b33609ca-2180-47bf-9f89-a5b5939e2142" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f338bbba6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1246", + "self_link": null, + "uid": "bc42e495-58d6-4115-8ac5-87a9b4a471f5" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f34d203b1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "80bacca9-60d6-4176-b6a9-b3fa384d925b" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3b4b3c60", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "3c31e1da-664a-44e4-87e9-e65d7cf45b51" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3b507234", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "d44e9bd5-188b-4ed0-a1fa-a62b8d9e4500" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:27+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f3c547f8a", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1252", + "self_link": null, + "uid": "9035dbda-7fb9-4de4-81ab-e6c23f514684" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:27+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1219", + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:27+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-0.17b7938f42e43538", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1253", + "self_link": null, + "uid": "a152ff66-323d-48f9-beec-e55197e2fb89" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1104", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938eda2a61fe", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1176", + "self_link": null, + "uid": "0463f690-1dd7-4fad-806f-8a69ecb34cb1" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938ef5050c72", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1205", + "self_link": null, + "uid": "dd4a712e-21f6-454a-a713-9bc741f43fa4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938ef601720d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1207", + "self_link": null, + "uid": "d32f74d7-cb1c-4120-84cb-c3a3cce1bfac" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efb2c6424", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1209", + "self_link": null, + "uid": "96ecec4f-90df-4372-a6d4-76db6acba939" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efb32e67b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1211", + "self_link": null, + "uid": "41a8db24-c0ed-4148-ae38-d10208560d2a" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938efc6dbba0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "113e1a56-a068-4b14-b752-8a245cfe80d7" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1174", + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-1.17b7938f018bf99b", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1216", + "self_link": null, + "uid": "10bfc8b3-c943-4a18-93f2-20fe5254fb0c" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1105", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully assigned acto-namespace/test-cluster-tikv-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938eda505013", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1177", + "self_link": null, + "uid": "0fd091de-ad3c-4af8-9a8b-c6fb8e720321" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"busybox:1.34.1\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938ef4f1c233", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1204", + "self_link": null, + "uid": "9732e420-9792-4c51-b55c-d7a2e738ff0c" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938ef6014ea5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1206", + "self_link": null, + "uid": "e0710cfd-0271-4af7-8b1d-14fb8e605fbd" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{raftlog}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Started container raftlog", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efb2d54d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1210", + "self_link": null, + "uid": "ff6663bc-a414-42ac-bf11-f1bdc29b68e8" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Container image \"pingcap/tikv:v5.4.0\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efb369687", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "e38f9d00-6f20-4214-93d3-1ddb141799ff" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Created container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938efc5fdae4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1213", + "self_link": null, + "uid": "e0c8c664-847b-4136-af74-b46d13981566" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tikv}", + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1175", + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "Started container tikv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-tikv-2.17b7938f019c65a4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1217", + "self_link": null, + "uid": "09f60d89-5169-4f60-b47d-ca02bc3cced1" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-0 Pod test-cluster-tikv-0 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26093aff", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1094", + "self_link": null, + "uid": "77a320ca-9a8c-4f97-a049-c2645f731417" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-0 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e263a792c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1098", + "self_link": null, + "uid": "1dc470e2-ec1d-4950-a26f-76ac7fbc0197" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-2 Pod test-cluster-tikv-2 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e266aaaf6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1102", + "self_link": null, + "uid": "e8ef4fe5-2487-4b40-8256-1885a3174bf3" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Claim tikv-test-cluster-tikv-1 Pod test-cluster-tikv-1 in StatefulSet test-cluster-tikv success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e266ae1e0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1107", + "self_link": null, + "uid": "1958e536-4c54-4571-a229-b5e5c3af998c" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-1 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26e2599d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1112", + "self_link": null, + "uid": "4e0f202a-3c2e-473d-a8c3-c63bc5675d86" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "resource_version": "1089", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Pod test-cluster-tikv-2 in StatefulSet test-cluster-tikv successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv.17b7938e26ef465d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1116", + "self_link": null, + "uid": "97bce85e-b38b-4e06-9c31-4e6daec7f789" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "statefulset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Role/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e6fe1841", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "850", + "self_link": null, + "uid": "d1153126-7b8a-4905-9a2a-18f4f006157d" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create ServiceAccount/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e72b4b95", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "851", + "self_link": null, + "uid": "d9f054b1-5798-4859-b3ee-b5c986acb40f" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create RoleBinding/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e7c2be3c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "853", + "self_link": null, + "uid": "4ed8ddb4-b194-4db7-8959-e5358e822d8d" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Deployment/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e80b74bc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "855", + "self_link": null, + "uid": "056cfa64-e9c0-47e1-8e2a-53390fa15cbe" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service/test-cluster-discovery for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e88f80ac", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "861", + "self_link": null, + "uid": "8f877bf5-4025-476a-bff6-eaf3bfab14fb" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service test-cluster-pd in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388e9d43701", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "874", + "self_link": null, + "uid": "8cd414ea-06a7-41f4-a4a5-4a89d9f4455b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create Service test-cluster-pd-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388ea6c9b18", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "879", + "self_link": null, + "uid": "7a3fbfcc-9b78-433d-b846-bf8ddd889320" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create ConfigMap/test-cluster-pd-3731616 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster.17b79388eae13d40", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "880", + "self_link": null, + "uid": "f1922fb7-999a-447a-a263-41237abd9edb" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:59+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "847", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:59+00:00", + "message": "create StatefulSet test-cluster-pd in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:00+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster.17b79388eb7661c1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "929", + "self_link": null, + "uid": "f257f95f-cb87-4d88-a892-22d2dcf6aa60" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a00a53dfc", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "4f05f19b-51a0-41a5-b8d3-42010ccfda5b" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-6e74bcf6-9557-43e9-975d-c258e0774be5 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a00e9c1bf", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1018", + "self_link": null, + "uid": "86f0e3a9-67c0-4709-b87e-7fde20e1068e" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:04+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "930", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:04+00:00", + "message": "patch PV pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:04+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + } + ], + "name": "test-cluster.17b7938a01b33691", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1025", + "self_link": null, + "uid": "332f6656-3f92-4389-812b-7de699cf2ea1" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create Service test-cluster-tikv-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e2536098f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1085", + "self_link": null, + "uid": "6614bee4-0758-4cd3-b354-6a20a7bdffe6" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create ConfigMap/test-cluster-tikv-3831336 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e255f3e2e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1088", + "self_link": null, + "uid": "c75c89a6-d407-4f98-a6c9-56990e9b2db2" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1051", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "create StatefulSet test-cluster-tikv in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster.17b7938e25915b5c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1090", + "self_link": null, + "uid": "326addc5-8efa-43dd-a011-63c6f4aac654" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1132", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "patch PV pvc-4c76d8f3-3a67-412e-875b-dae964805d9f in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster.17b7938ee7768479", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1191", + "self_link": null, + "uid": "9089839a-3aae-405a-835e-89055e563b62" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1132", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "patch PV pvc-36ffe414-4968-4c09-977a-799a62b46134 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "test-cluster.17b7938ee7a92c24", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1193", + "self_link": null, + "uid": "25ad7962-2cd5-4fb1-a7fd-31560c157dff" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:26+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1196", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:26+00:00", + "message": "patch PV pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3 in TidbCluster test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster.17b7938f192d7eb0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "d664759b-d6f1-45e0-b371-a58626ae85f6" + }, + "reason": "SuccessfulPatch", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Service test-cluster-tidb-peer in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b7939522422f7f", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1328", + "self_link": null, + "uid": "42b87236-9ae6-46c7-ac5a-7c2ded1c2dbf" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create Service test-cluster-tidb in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b7939522d7ca82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1335", + "self_link": null, + "uid": "7b1a3adc-4975-46c0-8081-006f50546121" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create ConfigMap/test-cluster-tidb-6662316 for controller TidbCluster/test-cluster successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b793952310eb7c", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1336", + "self_link": null, + "uid": "4da22bf8-763d-48d7-b40f-3d971c6b90f2" + }, + "reason": "Successfully Create", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:52+00:00", + "involved_object": { + "api_version": "pingcap.com/v1alpha1", + "field_path": null, + "kind": "TidbCluster", + "name": "test-cluster", + "namespace": "acto-namespace", + "resource_version": "1276", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:52+00:00", + "message": "create StatefulSet test-cluster-tidb in test-cluster successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster.17b79395235139f8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1338", + "self_link": null, + "uid": "690663af-229f-4973-80c8-d08287f45821" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "tidb-controller-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "683", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Successfully assigned acto-namespace/tidb-controller-manager-557c4dfc97-7cn54 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381c28e1d3e", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "694", + "self_link": null, + "uid": "69b39543-6ac4-474d-97a6-2ffcd89960ae" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381f31bf100", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "703", + "self_link": null, + "uid": "bdb1507f-1ef4-43e0-adef-cd025e9d9999" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381f5221b31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "705", + "self_link": null, + "uid": "eecc9382-c45f-45c1-913e-b1e24feef0ca" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Started container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b79381fecb40a5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "707", + "self_link": null, + "uid": "d421a566-e8dd-4edb-a641-45aa286e5dce" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-557c4dfc97-7cn54", + "namespace": "acto-namespace", + "resource_version": "688", + "uid": "1b5f4287-9e8f-4dfd-b476-83d117b0f171" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Stopping container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97-7cn54.17b793833f242946", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "779", + "self_link": null, + "uid": "30ee6997-c5d1-4e9e-a856-0f69b161d829" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-557c4dfc97", + "namespace": "acto-namespace", + "resource_version": "678", + "uid": "9180745c-6c23-4a06-a200-47a31555f8ce" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created pod: tidb-controller-manager-557c4dfc97-7cn54", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97.17b79381c2558677", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "687", + "self_link": null, + "uid": "00f5807c-5093-4833-b382-d1754c3d5297" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-557c4dfc97", + "namespace": "acto-namespace", + "resource_version": "774", + "uid": "9180745c-6c23-4a06-a200-47a31555f8ce" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Deleted pod: tidb-controller-manager-557c4dfc97-7cn54", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-557c4dfc97.17b793833f1f6637", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "778", + "self_link": null, + "uid": "05f1fb77-fe6c-40c0-a01e-2e70869edd5d" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "733", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Successfully assigned acto-namespace/tidb-controller-manager-7b6bdb846c-75s8q to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b79382f0ef9d5d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "739", + "self_link": null, + "uid": "abb007ec-30c8-44bf-ba8d-ee8d162898fa" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b793830dbfd9db", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "760", + "self_link": null, + "uid": "351f136c-c251-425c-a0d5-198a76e5f8c4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b79383103b9d93", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "762", + "self_link": null, + "uid": "189bf675-5df0-4040-8e95-441bf2769244" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-operator}", + "kind": "Pod", + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "resource_version": "736", + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Started container tidb-operator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q.17b7938315b8e0ae", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "764", + "self_link": null, + "uid": "ddad3e10-12d8-4f8d-8402-e9618638303a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "namespace": "acto-namespace", + "resource_version": "730", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created pod: tidb-controller-manager-7b6bdb846c-75s8q", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c.17b79382f0b85ff8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "735", + "self_link": null, + "uid": "438f5cb3-56de-4997-aaa9-1a2bdd39ee57" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "677", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Scaled up replica set tidb-controller-manager-557c4dfc97 to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager.17b79381c2020862", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "680", + "self_link": null, + "uid": "8c975d09-3a93-447f-a68d-a1750538a27c" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "729", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Scaled up replica set tidb-controller-manager-7b6bdb846c to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-controller-manager.17b79382f089349d", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "732", + "self_link": null, + "uid": "77e5954f-a6cd-4bbe-ada7-a4ae06c953fe" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:35+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "resource_version": "745", + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:35+00:00", + "message": "Scaled down replica set tidb-controller-manager-557c4dfc97 to 0 from 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:35+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager.17b793833ee02683", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "775", + "self_link": null, + "uid": "dc4f188e-ae44-4d36-8be6-1d6b8b4637f4" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "746", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Successfully assigned acto-namespace/tidb-scheduler-77874455fc-dxfhz to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b79382f1bab450", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "751", + "self_link": null, + "uid": "76105014-dc43-4da9-837f-63321a24daf4" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b793830d91d436", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "759", + "self_link": null, + "uid": "df3dc8ab-add8-4fcb-8251-1e7b66c0f09f" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938310187511", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "761", + "self_link": null, + "uid": "3563840d-22c3-4d0b-b94d-134320807e14" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Started container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938318eabb82", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "765", + "self_link": null, + "uid": "c4fb5270-327b-4d1a-af07-c21b490be25a" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Pulling image \"k8s.gcr.io/kube-scheduler:v1.22.9\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938318f2ca88", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "766", + "self_link": null, + "uid": "10a53c7a-7c7e-4a6d-a9d5-80392239ad02" + }, + "reason": "Pulling", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Successfully pulled image \"k8s.gcr.io/kube-scheduler:v1.22.9\" in 1.455s (1.455s including waiting)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b793836fad6d59", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "784", + "self_link": null, + "uid": "601a8526-4199-4231-a569-ec42d57166c2" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Created container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938370ac20c5", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "786", + "self_link": null, + "uid": "23293e52-71f2-4aba-ba42-803e422c5e73" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:36+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "resource_version": "749", + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:36+00:00", + "message": "Started container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:36+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:36+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz.17b7938376bc6e76", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "787", + "self_link": null, + "uid": "83973356-a659-4c38-8c6d-9a447f166c92" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker3", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "namespace": "acto-namespace", + "resource_version": "742", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Created pod: tidb-scheduler-77874455fc-dxfhz", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler-77874455fc.17b79382f17cefc8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "748", + "self_link": null, + "uid": "b2e2b420-148c-41ac-8439-7136dd7f8ed1" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "685", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Successfully assigned acto-namespace/tidb-scheduler-9cbd6945f-8qz6m to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381c2aeebc2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "698", + "self_link": null, + "uid": "081dfeb2-aba1-401b-9113-ba441134f1cc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "default-scheduler", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Container image \"pingcap/tidb-operator:v1.3.2\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381f329a917", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "704", + "self_link": null, + "uid": "80e38923-172c-4048-bdff-743580034687" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381f534e7ac", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "706", + "self_link": null, + "uid": "c34387bc-b1f6-4183-89e0-52dd5b64663f" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Started container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381fedf92fb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "708", + "self_link": null, + "uid": "28676b59-cf5d-4b20-b3b9-0b1c12a57deb" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:30+00:00", + "message": "Pulling image \"k8s.gcr.io/kube-scheduler:v1.22.9\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:30+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79381feec63af", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "709", + "self_link": null, + "uid": "470165b6-c4b9-4dff-a92f-4eab2e11ba16" + }, + "reason": "Pulling", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Successfully pulled image \"k8s.gcr.io/kube-scheduler:v1.22.9\" in 1.318s (1.318s including waiting)", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b793824d7bc8c6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "717", + "self_link": null, + "uid": "1387368b-2cf6-4356-bfad-199112e0abc4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Created container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b793824e8eae31", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "718", + "self_link": null, + "uid": "d218df26-0c9e-4f80-84ff-6282d7072e35" + }, + "reason": "Created", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:31+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:31+00:00", + "message": "Started container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:31+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:31+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b7938257e3c299", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "719", + "self_link": null, + "uid": "d488ad29-de1a-4eeb-ab1e-d03803e3379f" + }, + "reason": "Started", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{tidb-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Stopping container tidb-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79383ac8e41e0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "799", + "self_link": null, + "uid": "f04403ab-a7e4-4eda-bdcf-ea4d070f402d" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{kube-scheduler}", + "kind": "Pod", + "name": "tidb-scheduler-9cbd6945f-8qz6m", + "namespace": "acto-namespace", + "resource_version": "692", + "uid": "a50b4b85-3b9b-4858-9bf7-36c17086b4f9" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Stopping container kube-scheduler", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:reportingInstance": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f-8qz6m.17b79383ac8f11c6", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "801", + "self_link": null, + "uid": "af6113a7-3b4d-4a4c-b3f7-c469abf9d11a" + }, + "reason": "Killing", + "related": null, + "reporting_component": "kubelet", + "reporting_instance": "acto-0-cluster-0-worker2", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-9cbd6945f", + "namespace": "acto-namespace", + "resource_version": "682", + "uid": "f692c4ab-ad60-4ebc-a2dc-e0dbbe13e0dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Created pod: tidb-scheduler-9cbd6945f-8qz6m", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f.17b79381c27813d8", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "693", + "self_link": null, + "uid": "f03b16cd-0651-4742-abe7-335db9507fa0" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "tidb-scheduler-9cbd6945f", + "namespace": "acto-namespace", + "resource_version": "794", + "uid": "f692c4ab-ad60-4ebc-a2dc-e0dbbe13e0dc" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Deleted pod: tidb-scheduler-9cbd6945f-8qz6m", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-9cbd6945f.17b79383ac86ee05", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "800", + "self_link": null, + "uid": "b36f6ad9-bafe-44b8-9a8e-21a260f97113" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "replicaset-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:29+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "679", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:29+00:00", + "message": "Scaled up replica set tidb-scheduler-9cbd6945f to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler.17b79381c2416642", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "684", + "self_link": null, + "uid": "673a9351-dfcd-41cd-bffd-ba681663237f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:34+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "738", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:34+00:00", + "message": "Scaled up replica set tidb-scheduler-77874455fc to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + } + ], + "name": "tidb-scheduler.17b79382f143e7b4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "744", + "self_link": null, + "uid": "5478cb68-49c6-4f25-9772-d4d1297a6b19" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:19:37+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "resource_version": "755", + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:19:37+00:00", + "message": "Scaled down replica set tidb-scheduler-9cbd6945f to 0 from 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:37+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler.17b79383ac5ae688", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "795", + "self_link": null, + "uid": "525c03fa-f30a-4afd-a5b3-56e8b460843b" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "deployment-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1093", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e260950e7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1095", + "self_link": null, + "uid": "64438c94-efc5-4c6b-983f-e57e09c77c2e" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e26e1f133", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1108", + "self_link": null, + "uid": "4bb3c423-b6b0-404b-a169-39a8fcbeb51f" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938e26fb3ebf", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1111", + "self_link": null, + "uid": "e2f01bd9-f947-416c-8aa5-d4ee0d0371e5" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:25+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": "1103", + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:25+00:00", + "message": "Successfully provisioned volume pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0.17b7938ef1b29926", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1215", + "self_link": null, + "uid": "fb8fe91f-c554-4501-82ba-70a3ace2096c" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1099", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e266f2208", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1106", + "self_link": null, + "uid": "8fb7b579-61fe-4131-a82a-3c04473529f9" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e275074f3", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1119", + "self_link": null, + "uid": "ba852644-d68d-4b80-9a61-1ca19a18cf4c" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938e2780dd91", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "2266c434-7103-412a-9c93-d6d8b220bd3c" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": "1115", + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:24+00:00", + "message": "Successfully provisioned volume pvc-36ffe414-4968-4c09-977a-799a62b46134", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:25+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1.17b7938ec209f5d4", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1172", + "self_link": null, + "uid": "5dcdfa01-3356-4b05-8a93-6d204d05f22d" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1097", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e266e04ca", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1101", + "self_link": null, + "uid": "e6a4065b-4d06-493a-ba52-02dc77f9a968" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "Waiting for a volume to be created either by the external provisioner 'rancher.io/local-path' or manually by the system administrator. If volume creation is delayed, please verify that the provisioner is running and correctly registered.", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:reportingComponent": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e276fb066", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1126", + "self_link": null, + "uid": "fd23a2cf-12a1-4149-9aac-f21972472316" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "persistentvolume-controller", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:22+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:22+00:00", + "message": "External provisioner is provisioning volume for claim \"acto-namespace/tikv-test-cluster-tikv-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938e27868fb7", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1125", + "self_link": null, + "uid": "ad158bde-6068-4573-a300-e072514d7732" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-27T01:20:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": "1117", + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "kind": null, + "last_timestamp": "2024-02-27T01:20:24+00:00", + "message": "Successfully provisioned volume pvc-4c76d8f3-3a67-412e-875b-dae964805d9f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2.17b7938eab1b1a44", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1159", + "self_link": null, + "uid": "36da393b-2b91-4e6b-bd00-27bef8238dbb" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-6f8956fb48-lwlfv_e2117ef4-1e8a-440b-bb31-b48086ca1c88", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "2725", + "self_link": null + } +} diff --git a/docs/alarm_examples/misoperation/generation-000-runtime.json b/docs/alarm_examples/misoperation/generation-000-runtime.json new file mode 100644 index 0000000000..17b7e9f0bb --- /dev/null +++ b/docs/alarm_examples/misoperation/generation-000-runtime.json @@ -0,0 +1,17 @@ +{ + "testcase": {}, + "step_id": { + "trial": "testrun-2024-02-26-19-18/trial-00-0000", + "generation": 0 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": null, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/misoperation/generation-001-runtime.json b/docs/alarm_examples/misoperation/generation-001-runtime.json new file mode 100644 index 0000000000..678a736f0f --- /dev/null +++ b/docs/alarm_examples/misoperation/generation-001-runtime.json @@ -0,0 +1,22 @@ +{ + "testcase": { + "field": "[\"spec\"]", + "testcase": "step-1" + }, + "step_id": { + "trial": "testrun-2024-02-26-19-18/trial-00-0000", + "generation": 1 + }, + "oracle_result": { + "crash": null, + "health": { + "message": "statefulset: test-cluster-tidb replicas [3] ready_replicas [2]\npod: test-cluster-tidb-2" + }, + "operator_log": null, + "consistency": null, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/misoperation/mutated--01.yaml b/docs/alarm_examples/misoperation/mutated--01.yaml new file mode 100644 index 0000000000..2d797c2f9c --- /dev/null +++ b/docs/alarm_examples/misoperation/mutated--01.yaml @@ -0,0 +1,40 @@ +apiVersion: pingcap.com/v1alpha1 +kind: TidbCluster +metadata: + name: test-cluster +spec: + configUpdateStrategy: RollingUpdate + enableDynamicConfiguration: true + helper: + image: busybox:1.34.1 + pd: + baseImage: pingcap/pd + config: "[dashboard]\n internal-proxy = true\n" + maxFailoverCount: 0 + mountClusterClientSecret: true + replicas: 3 + requests: + storage: 10Gi + pvReclaimPolicy: Retain + tidb: + baseImage: pingcap/tidb + config: "[performance]\n tcp-keep-alive = true\n" + maxFailoverCount: 0 + replicas: 3 + service: + externalTrafficPolicy: Local + type: NodePort + tikv: + baseImage: pingcap/tikv + config: 'log-level = "info" + + ' + maxFailoverCount: 0 + mountClusterClientSecret: true + recoverFailover: false + replicas: 3 + requests: + storage: 100Gi + separateRaftLog: true + timezone: UTC + version: v5.4.0 diff --git a/docs/alarm_examples/misoperation/mutated-000.yaml b/docs/alarm_examples/misoperation/mutated-000.yaml new file mode 100644 index 0000000000..2d797c2f9c --- /dev/null +++ b/docs/alarm_examples/misoperation/mutated-000.yaml @@ -0,0 +1,40 @@ +apiVersion: pingcap.com/v1alpha1 +kind: TidbCluster +metadata: + name: test-cluster +spec: + configUpdateStrategy: RollingUpdate + enableDynamicConfiguration: true + helper: + image: busybox:1.34.1 + pd: + baseImage: pingcap/pd + config: "[dashboard]\n internal-proxy = true\n" + maxFailoverCount: 0 + mountClusterClientSecret: true + replicas: 3 + requests: + storage: 10Gi + pvReclaimPolicy: Retain + tidb: + baseImage: pingcap/tidb + config: "[performance]\n tcp-keep-alive = true\n" + maxFailoverCount: 0 + replicas: 3 + service: + externalTrafficPolicy: Local + type: NodePort + tikv: + baseImage: pingcap/tikv + config: 'log-level = "info" + + ' + maxFailoverCount: 0 + mountClusterClientSecret: true + recoverFailover: false + replicas: 3 + requests: + storage: 100Gi + separateRaftLog: true + timezone: UTC + version: v5.4.0 diff --git a/docs/alarm_examples/misoperation/mutated-001.yaml b/docs/alarm_examples/misoperation/mutated-001.yaml new file mode 100644 index 0000000000..cfcfe3a940 --- /dev/null +++ b/docs/alarm_examples/misoperation/mutated-001.yaml @@ -0,0 +1,49 @@ +apiVersion: pingcap.com/v1alpha1 +kind: TidbCluster +metadata: + name: test-cluster +spec: + configUpdateStrategy: RollingUpdate + enableDynamicConfiguration: true + helper: + image: busybox:1.34.1 + pd: + baseImage: pingcap/pd + config: "[dashboard]\n internal-proxy = true\n" + maxFailoverCount: 0 + mountClusterClientSecret: true + replicas: 3 + requests: + storage: 10Gi + pvReclaimPolicy: Retain + tidb: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - NONE + baseImage: pingcap/tidb + config: "[performance]\n tcp-keep-alive = true\n" + maxFailoverCount: 0 + replicas: 3 + service: + externalTrafficPolicy: Local + type: NodePort + tikv: + baseImage: pingcap/tikv + config: 'log-level = "info" + + ' + maxFailoverCount: 0 + mountClusterClientSecret: true + recoverFailover: false + replicas: 3 + requests: + storage: 100Gi + separateRaftLog: true + timezone: UTC + version: v5.4.0 diff --git a/docs/alarm_examples/misoperation/result.json b/docs/alarm_examples/misoperation/result.json new file mode 100644 index 0000000000..8808dfcc4e --- /dev/null +++ b/docs/alarm_examples/misoperation/result.json @@ -0,0 +1,31594 @@ +{ + "trial_id": "trial-00-0000", + "duration": 1077.7577970027924, + "error": { + "crash": null, + "health": { + "message": "statefulset: test-cluster-tidb replicas [3] ready_replicas [2]\npod: test-cluster-tidb-2" + }, + "operator_log": null, + "consistency": null, + "differential": { + "message": "Recovery test case", + "diff": { + "type_changes": { + "root['pod']['test-cluster-tidb-2']['spec']['affinity']": { + "old_type": "NoneType", + "new_type": "dict", + "old_value": null, + "new_value": { + "node_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": { + "node_selector_terms": [ + { + "match_expressions": [ + { + "key": "kubernetes.io/hostname", + "operator": "In", + "values": [ + "NONE" + ] + } + ], + "match_fields": null + } + ] + } + }, + "pod_affinity": null, + "pod_anti_affinity": null + } + } + } + }, + "from_step": { + "trial": "trial-00-0000", + "generation": -2 + }, + "from_state": { + "pod": { + "test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1412", + "self_link": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-jwwwg", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-jwwwg", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://27a3d82f16f69a11bf9dde6813844be50e843e3d53d63a441944e1f441d505f1", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://20f57c8c5b28a8a4e754d8f7119707034f67a46a84eaf63987e9d2de84921b4a", + "exit_code": 1, + "finished_at": "2024-02-27T01:20:24+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T01:20:04+00:00" + }, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 1, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1340", + "self_link": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bclcz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bclcz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://0a7d143f5be0063988eb0aef7c4aa201ac0ecd29e34a77c5d3e3e0c4d420b13f", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1354", + "self_link": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-656c8", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-656c8", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4cfe567e533bd251147cb392cc365315c020abcd2441c32cdfffc0a08ad62b43", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-tidb-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1476", + "self_link": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bn9wq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2ad24452cf6402683212a2d6d2849bc1145c5e44bddeb8e4baa6302f36f3a8c7", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f444e63c46317f049b2930f01b3386f18d2cbd204fef61c0c0959c564a310e03", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.7", + "pod_i_ps": [ + { + "ip": "10.244.1.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1471", + "self_link": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-rw5pc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6fc7c7c9dcb235ad59187d63b85140c79966544c06ac3cb4aad3ed5bf5a5df6b", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f092dd22c8f76105fb6b06a6ecd05efa4e205b3362e4e6c8d9723658411a9931", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.8", + "pod_i_ps": [ + { + "ip": "10.244.2.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1470", + "self_link": null, + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-ttnk7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-ttnk7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-ttnk7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4993593e5b0431a79020843de23e9df055527d1f4d468ce54c816327bac5e8a5", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://2f71403193259cc83a9ba1542f4c1990c6b5989e88408ade946622d5de34361e", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.8", + "pod_i_ps": [ + { + "ip": "10.244.3.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1384", + "self_link": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5khkx", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://df4daa47dd320abba4bc8728d6330bef46c1bf0636c96a7d259c383acfbdc5e1", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://c7aed758922ca184352acd913f730d982841dedd2461ef6574289f6d6f11c22b", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:27+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.7", + "pod_i_ps": [ + { + "ip": "10.244.2.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:26+00:00" + } + }, + "test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.6\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1402", + "self_link": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5s7tz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2a903ff218205ca1847d4a658fd553f9f83105cae8e452a0ab49a45a9cb519aa", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://e1f2bab2135a4fc029b9b2e4b8bb1277707a8d62f0459081cbf008887a9f1ae1", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.6", + "pod_i_ps": [ + { + "ip": "10.244.1.6" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + }, + "test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1406", + "self_link": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-b2gzd", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2be24527e2ca73029ada8ae9cba4260d770721b6b115118d852522a43906260e", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://56d376cf937d44d43a9352cdab2a3c102609b651357f357c5062676a99d63dcd", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.7", + "pod_i_ps": [ + { + "ip": "10.244.3.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + } + }, + "deployment_pods": { + "test-cluster-discovery": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-discovery-689d8466cb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "pod-template-hash": "689d8466cb", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"a6ae946c-e641-488e-8d11-8f8a0e04bed1\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + } + ], + "resource_version": "1411", + "self_link": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kvn5p", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kvn5p", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://28e3a899abba97d805ee331d8c6d6c446d517b15a8803a799a37537f194899b1", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "discovery", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:00+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:19:59+00:00" + } + } + ], + "tidb-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-controller-manager-7b6bdb846c-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "7b6bdb846c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"bb205349-db16-4be3-a580-837c95106a43\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:resources": { + ".": {}, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + } + ], + "resource_version": "772", + "self_link": null, + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-cwpt2", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-cwpt2", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://caea90884ede486bbd27d844516f0cc0e2902939d2af7a26eb8e979f7a95f801", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ], + "tidb-scheduler": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-scheduler-77874455fc-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "77874455fc" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c9b2667a-583a-46ba-9e81-967fa44bd897\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + } + ], + "resource_version": "792", + "self_link": null, + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-8nw56", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f2223ddc3676158fe84acccc0915ced286e7cbdff99b443ff4b154774a88a874", + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_id": "k8s.gcr.io/kube-scheduler@sha256:9748f115f11151a0e5ffda770f696bef46371b819a84b95e77bbfc7843b64404", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "kube-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:36+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d8f8fb1a875d8c68c580f21b9aab9d182a3f31657b2bb3ef878c85ac42128d55", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"2379\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"config-file\",\"path\":\"pd.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"startup-script\",\"path\":\"pd_start_script.sh\"}]}}],\"containers\":[{\"name\":\"pd\",\"image\":\"pingcap/pd:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/pd_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":2380,\"protocol\":\"TCP\"},{\"name\":\"client\",\"containerPort\":2379,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"PEER_SERVICE_NAME\",\"value\":\"test-cluster-pd-peer\"},{\"name\":\"SERVICE_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"SET_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/pd\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"pd\",\"mountPath\":\"/var/lib/pd\"}],\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"pd\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"10Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-pd-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1238", + "self_link": null, + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-pd-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "pd", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-pd-859db88ddf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-pd-859db88ddf", + "updated_replicas": 3 + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"10080\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"config-file\",\"path\":\"tidb.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tidb_start_script.sh\"}]}},{\"name\":\"slowlog\",\"emptyDir\":{}}],\"containers\":[{\"name\":\"slowlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tidb\",\"image\":\"pingcap/tidb:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tidb_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":4000,\"protocol\":\"TCP\"},{\"name\":\"status\",\"containerPort\":10080,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"BINLOG_ENABLED\",\"value\":\"false\"},{\"name\":\"SLOW_LOG_FILE\",\"value\":\"/var/log/tidb/slowlog\"},{\"name\":\"POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}},{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tidb-peer\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tidb\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"readinessProbe\":{\"tcpSocket\":{\"port\":4000},\"initialDelaySeconds\":10},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"serviceName\":\"test-cluster-tidb-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1484", + "self_link": null, + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tidb-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": null + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tidb-788bdc6cfc", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tidb-788bdc6cfc", + "updated_replicas": 3 + } + }, + "test-cluster-tikv": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"20180\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"config-file\",\"path\":\"tikv.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tikv_start_script.sh\"}]}}],\"containers\":[{\"name\":\"raftlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tikv\",\"image\":\"pingcap/tikv:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tikv_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":20160,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tikv-peer\"},{\"name\":\"CAPACITY\",\"value\":\"0\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tikv\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"}],\"imagePullPolicy\":\"IfNotPresent\",\"securityContext\":{\"privileged\":false}}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"tikv\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"100Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-tikv-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1257", + "self_link": null, + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tikv-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "tikv", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tikv-797dfd54bf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tikv-797dfd54bf", + "updated_replicas": 3 + } + } + }, + "deployment": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1", + "pingcap.com/last-applied-configuration": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}", + "pingcap.com/last-applied-podtemplate": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {}, + "f:pingcap.com/last-applied-podtemplate": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:progressDeadlineSeconds": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:strategy": { + "f:type": {} + }, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + "k:{\"type\":\"Available\"}": { + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {} + }, + "k:{\"type\":\"Progressing\"}": { + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {} + } + }, + "f:readyReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1026", + "self_link": null, + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "strategy": { + "rolling_update": null, + "type": "Recreate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:20:01+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:59+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "ReplicaSet \"test-cluster-discovery-689d8466cb\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:tcpSocket": { + "f:port": {} + } + }, + "f:name": {}, + "f:resources": { + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "782", + "self_link": null, + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:30+00:00", + "last_update_time": "2024-02-27T01:19:30+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:35+00:00", + "message": "ReplicaSet \"tidb-controller-manager-7b6bdb846c\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-scheduler": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {}, + "f:volumes": { + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "803", + "self_link": null, + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:32+00:00", + "last_update_time": "2024-02-27T01:19:32+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:37+00:00", + "message": "ReplicaSet \"tidb-scheduler-77874455fc\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIZ5THVDJZXfowDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwMTEzMzJaFw0zNDAyMjQwMTE4MzJaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC1Y4Rwx+jwrwtDWJJOZ5NwOv+A8BinI3IHkXxnDLtH/gQzmHBGaJzQA78w\nLenHuRBNkouaCJ3LzEcivIhb40aYsM8uwu2eTQBEHBENK3OxkJ9QTr5fmYDLwBvb\nj7cvsRExy9fQV9ObFYJPDIw5u6DgiyXRbT2PFDuet6rwVFShRlrrIJ+iL5WtWvKK\n0Kn2qO9/iSSdDUcIIXP07pzVPYDrg+tlND4YrdIgl8LYqBiF1wDloi+Zl09vOGmt\nLbDY5mvkQxlSpUcIviLLNHbQ7KMLTzIZz2gvzWEPyQ20mWWiwDWdTB4H2w9Qiu42\n99G9Q8CglQtExnt56cSkqdJhJvwfAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQk8EwlGFM1CP/e8qI04IrQOALf1jAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQBXUKZmiMjl\nMbH5fAemGhfEC019prVPcP7ABB5cIq+V8bsPzGjhEv/+ZTeqwzYM8gU4Dq+vFErz\n2Mx55UmHkqo/yamqnKm19LvuSRmdE0Bhww4/WanACPJjvRJRh85IsI/cKiFPziIl\n0JbqWiV2o7HEDpLDA0Ya7fGSfQGmbgz3wo7+yU80eU9blO7J3fclTKfrDgvCERQO\nqqztfNuP/tOD42f2+El7F4O+yReF/aXA3BvQDNa2zT8PRs+dNFmQNwW12VVnFbuZ\nm0cbmXKnQs7Zm5gE9kqk0zjQRvd7UDLQC0YTBUBK7L18piQN0PdwySvsJkvMZkhn\nI5yzUmqVRIMn\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:22+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "99d40a37-6559-48b4-b71a-a3dd53006a1f" + } + }, + "test-cluster-pd-3731616": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[dashboard]\n internal-proxy = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start pd containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\n# the general form of variable PEER_SERVICE_NAME is: \"-pd-peer\"\ncluster_name=`echo ${PEER_SERVICE_NAME} | sed 's/-pd-peer//'`\ndomain=\"${POD_NAME}.${PEER_SERVICE_NAME}.${NAMESPACE}.svc\"\ndiscovery_url=\"${cluster_name}-discovery.${NAMESPACE}.svc:10261\"\nencoded_domain_url=`echo ${domain}:2380 | base64 | tr \"\\n\" \" \" | sed \"s/ //g\"`\nelapseTime=0\nperiod=1\nthreshold=30\nwhile true; do\nsleep ${period}\nelapseTime=$(( elapseTime+period ))\n\nif [[ ${elapseTime} -ge ${threshold} ]]\nthen\necho \"waiting for pd cluster ready timeout\" >&2\nexit 1\nfi\n\nif nslookup ${domain} 2>/dev/null\nthen\necho \"nslookup domain ${domain}.svc success\"\nbreak\nelse\necho \"nslookup domain ${domain} failed\" >&2\nfi\ndone\n\nARGS=\"--data-dir=/var/lib/pd \\\n--name=${POD_NAME} \\\n--peer-urls=http://0.0.0.0:2380 \\\n--advertise-peer-urls=http://${domain}:2380 \\\n--client-urls=http://0.0.0.0:2379 \\\n--advertise-client-urls=http://${domain}:2379 \\\n--config=/etc/pd/pd.toml \\\n\"\n\nif [[ -f /var/lib/pd/join ]]\nthen\n# The content of the join file is:\n# demo-pd-0=http://demo-pd-0.demo-pd-peer.demo.svc:2380,demo-pd-1=http://demo-pd-1.demo-pd-peer.demo.svc:2380\n# The --join args must be:\n# --join=http://demo-pd-0.demo-pd-peer.demo.svc:2380,http://demo-pd-1.demo-pd-peer.demo.svc:2380\njoin=`cat /var/lib/pd/join | tr \",\" \"\\n\" | awk -F'=' '{print $2}' | tr \"\\n\" \",\"`\njoin=${join%,}\nARGS=\"${ARGS} --join=${join}\"\nelif [[ ! -d /var/lib/pd/member/wal ]]\nthen\nuntil result=$(wget -qO- -T 3 http://${discovery_url}/new/${encoded_domain_url} 2>/dev/null); do\necho \"waiting for discovery service to return start args ...\"\nsleep $((RANDOM % 5))\ndone\nARGS=\"${ARGS}${result}\"\nfi\n\necho \"starting pd-server ...\"\nsleep $((RANDOM % 10))\necho \"/pd-server ${ARGS}\"\nexec /pd-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-3731616", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "878", + "self_link": null, + "uid": "e8f0acba-3029-41d3-97f4-d296393f3014" + } + }, + "test-cluster-tidb-6662316": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tidb containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--store=tikv \\\n--advertise-address=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc \\\n--host=0.0.0.0 \\\n--path=${CLUSTER_NAME}-pd:2379 \\\n--config=/etc/tidb/tidb.toml\n\"\n\nif [[ X${BINLOG_ENABLED:-} == Xtrue ]]\nthen\n ARGS=\"${ARGS} --enable-binlog=true\"\nfi\n\nSLOW_LOG_FILE=${SLOW_LOG_FILE:-\"\"}\nif [[ ! -z \"${SLOW_LOG_FILE}\" ]]\nthen\n ARGS=\"${ARGS} --log-slow-query=${SLOW_LOG_FILE:-}\"\nfi\n\necho \"start tidb-server ...\"\necho \"/tidb-server ${ARGS}\"\nexec /tidb-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-6662316", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1334", + "self_link": null, + "uid": "5d469b64-8189-40ac-ac5d-66c114e75604" + } + }, + "test-cluster-tikv-3831336": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "log-level = \"info\"\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tikv containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n\techo \"entering debug mode.\"\n\ttail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--pd=http://${CLUSTER_NAME}-pd:2379 \\\n--advertise-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20160 \\\n--addr=0.0.0.0:20160 \\\n--status-addr=0.0.0.0:20180 \\\n--advertise-status-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20180 \\\n--data-dir=/var/lib/tikv \\\n--capacity=${CAPACITY} \\\n--config=/etc/tikv/tikv.toml\n\"\n\nif [ ! -z \"${STORE_LABELS:-}\" ]; then\n LABELS=\" --labels ${STORE_LABELS} \"\n ARGS=\"${ARGS}${LABELS}\"\nfi\n\necho \"starting tikv-server ...\"\necho \"/tikv-server ${ARGS}\"\nexec /tikv-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-3831336", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1084", + "self_link": null, + "uid": "b38eb8e1-5d60-4588-bc0e-63f9fcd141ed" + } + }, + "tidb-scheduler-config": { + "api_version": null, + "binary_data": null, + "data": { + "scheduler-config.yaml": "\napiVersion: kubescheduler.config.k8s.io/v1beta1\nkind: KubeSchedulerConfiguration\nleaderElection:\n leaderElect: true\n resourceNamespace: acto-namespace\n resourceName: tidb-scheduler\nhealthzBindAddress: 0.0.0.0:10261\nmetricsBindAddress: 0.0.0.0:10261\nprofiles:\n - schedulerName: tidb-scheduler\nextenders:\n - urlPrefix: http://127.0.0.1:10262/scheduler\n filterVerb: filter\n preemptVerb: preempt\n weight: 1\n enableHTTPS: false\n httpTimeout: 30s" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:scheduler-config.yaml": {} + }, + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-config", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "670", + "self_link": null, + "uid": "6638d1a4-a2e6-4b27-9cac-00d69352ad49" + } + } + }, + "service": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"discovery\",\"protocol\":\"TCP\",\"port\":10261,\"targetPort\":10261},{\"name\":\"proxy\",\"protocol\":\"TCP\",\"port\":10262,\"targetPort\":10262}],\"selector\":{\"app.kubernetes.io/component\":\"discovery\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "928", + "self_link": null, + "uid": "dacb197f-8ce0-4941-90a3-0afbc90920be" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.113.100", + "cluster_i_ps": [ + "10.96.113.100" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "node_port": null, + "port": 10261, + "protocol": "TCP", + "target_port": 10261 + }, + { + "app_protocol": null, + "name": "proxy", + "node_port": null, + "port": 10262, + "protocol": "TCP", + "target_port": 10262 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"client\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "866", + "self_link": null, + "uid": "bfca2001-d6f7-43f8-a2a7-49cd50d33a5c" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.11.162", + "cluster_i_ps": [ + "10.96.11.162" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"tcp-peer-2380\",\"protocol\":\"TCP\",\"port\":2380,\"targetPort\":2380},{\"name\":\"tcp-peer-2379\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "873", + "self_link": null, + "uid": "4be4a2f6-d8ec-4083-8b16-079122485476" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2380", + "node_port": null, + "port": 2380, + "protocol": "TCP", + "target_port": 2380 + }, + { + "app_protocol": null, + "name": "tcp-peer-2379", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"mysql-client\",\"protocol\":\"TCP\",\"port\":4000,\"targetPort\":4000,\"nodePort\":31115},{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080,\"nodePort\":32125}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"NodePort\",\"externalTrafficPolicy\":\"Local\"}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:externalTrafficPolicy": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1420", + "self_link": null, + "uid": "cfb9a88d-a203-4da8-9845-679a2d34ddae" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.9.145", + "cluster_i_ps": [ + "10.96.9.145" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": "Local", + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "mysql-client", + "node_port": 31115, + "port": 4000, + "protocol": "TCP", + "target_port": 4000 + }, + { + "app_protocol": null, + "name": "status", + "node_port": 32125, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "NodePort" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1324", + "self_link": null, + "uid": "abae9ada-e2f2-4dd5-b77d-f56c4bd4422f" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "node_port": null, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"peer\",\"protocol\":\"TCP\",\"port\":20160,\"targetPort\":20160}],\"selector\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1083", + "self_link": null, + "uid": "c2fcd9d2-d1cf-48b4-9d62-c8c5d2555f3b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "node_port": null, + "port": 20160, + "protocol": "TCP", + "target_port": 20160 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "pd-test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1415", + "self_link": null, + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1342", + "self_link": null, + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1361", + "self_link": null, + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1390", + "self_link": null, + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1404", + "self_link": null, + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-36ffe414-4968-4c09-977a-799a62b46134" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:01Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "531c0eca-2805-49f4-b843-7390f011d559" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "port": 10261, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "proxy", + "port": 10262, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:26Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "6458dd97-d77d-44d1-9d13-4e1bff4b941d" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "port": 2379, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:05Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1034", + "self_link": null, + "uid": "0c1a4e11-f222-4597-8c09-480fa11c8847" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-pd-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": "test-cluster-pd-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": "test-cluster-pd-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2379", + "port": 2379, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-peer-2380", + "port": 2380, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:21:12Z" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1481", + "self_link": null, + "uid": "92b151e9-478a-40fd-8af2-02348b397057" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": null, + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + }, + { + "hostname": null, + "ip": "10.244.3.8", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mysql-client", + "port": 4000, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1398", + "self_link": null, + "uid": "709cfbb2-a95b-4f52-8847-e56b0adbf616" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tidb-0", + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": "test-cluster-tidb-1", + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + }, + { + "hostname": "test-cluster-tidb-2", + "ip": "10.244.3.8", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:27Z" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1255", + "self_link": null, + "uid": "51825553-b652-45c7-b9ed-a12f85fb7489" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tikv-1", + "ip": "10.244.1.6", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + } + }, + { + "hostname": "test-cluster-tikv-0", + "ip": "10.244.2.7", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + } + }, + { + "hostname": "test-cluster-tikv-2", + "ip": "10.244.3.7", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "port": 20160, + "protocol": "TCP" + } + ] + } + ] + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"tidb-controller-manager-7b6bdb846c-75s8q\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-27T01:19:52Z\",\"renewTime\":\"2024-02-27T01:21:51Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:51+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1577", + "self_link": null, + "uid": "f34e8ea1-3cf4-4632-8f1c-639acd494b56" + }, + "subsets": null + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "629", + "self_link": null, + "uid": "b35afad6-609f-438c-b513-54693f9f507b" + }, + "secrets": null + }, + "test-cluster-discovery": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "849", + "self_link": null, + "uid": "0fd11616-b3a2-4bd2-adaa-fcfa072bd781" + }, + "secrets": null + }, + "tidb-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "668", + "self_link": null, + "uid": "64ae3b2d-b193-4773-9789-6a843c16a808" + }, + "secrets": null + }, + "tidb-scheduler": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "669", + "self_link": null, + "uid": "9c95f44c-e826-4847-a2ca-cb7af4ea3f60" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:rules": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "848", + "self_link": null, + "uid": "0239b8e9-c3cf-4178-b83b-897dcc08e31e" + }, + "rules": [ + { + "api_groups": [ + "pingcap.com" + ], + "non_resource_ur_ls": null, + "resource_names": [ + "test-cluster" + ], + "resources": [ + "tidbclusters" + ], + "verbs": [ + "get" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "secrets" + ], + "verbs": [ + "get", + "list", + "watch" + ] + } + ] + } + }, + "role_binding": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "852", + "self_link": null, + "uid": "80f61952-9b43-4d3d-8085-809784c1c77f" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "test-cluster-discovery" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "test-cluster-discovery", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "configUpdateStrategy": "RollingUpdate", + "discovery": {}, + "enableDynamicConfiguration": true, + "enablePVReclaim": false, + "helper": { + "image": "busybox:1.34.1" + }, + "imagePullPolicy": "IfNotPresent", + "pd": { + "baseImage": "pingcap/pd", + "config": "[dashboard]\n internal-proxy = true\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "10Gi" + } + }, + "pvReclaimPolicy": "Retain", + "tidb": { + "baseImage": "pingcap/tidb", + "config": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "maxFailoverCount": 0, + "replicas": 3, + "service": { + "externalTrafficPolicy": "Local", + "type": "NodePort" + } + }, + "tikv": { + "baseImage": "pingcap/tikv", + "config": "log-level = \"info\"\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "100Gi" + }, + "separateRaftLog": true + }, + "timezone": "UTC", + "tlsCluster": {}, + "version": "v5.4.0" + }, + "custom_resource_status": { + "clusterID": "7340085439264123903", + "conditions": [ + { + "lastTransitionTime": "2024-02-27T01:20:58Z", + "lastUpdateTime": "2024-02-27T01:20:58Z", + "message": "TiDB cluster is fully up and running", + "reason": "Ready", + "status": "True", + "type": "Ready" + } + ], + "pd": { + "image": "pingcap/pd:v5.4.0", + "leader": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + }, + "members": { + "test-cluster-pd-0": { + "clientURL": "http://test-cluster-pd-0.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "1141335897322686879", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "name": "test-cluster-pd-0" + }, + "test-cluster-pd-1": { + "clientURL": "http://test-cluster-pd-1.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "13142663148032253862", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-1" + }, + "test-cluster-pd-2": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-pd-859db88ddf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-pd-859db88ddf", + "updatedReplicas": 3 + }, + "synced": true + }, + "pump": {}, + "ticdc": {}, + "tidb": { + "image": "pingcap/tidb:v5.4.0", + "members": { + "test-cluster-tidb-0": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-0", + "node": "acto-0-cluster-0-worker" + }, + "test-cluster-tidb-1": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-1", + "node": "acto-0-cluster-0-worker2" + }, + "test-cluster-tidb-2": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-2", + "node": "acto-0-cluster-0-worker3" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tidb-788bdc6cfc", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tidb-788bdc6cfc", + "updatedReplicas": 3 + } + }, + "tiflash": {}, + "tikv": { + "bootStrapped": true, + "image": "pingcap/tikv:v5.4.0", + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tikv-797dfd54bf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tikv-797dfd54bf", + "updatedReplicas": 3 + }, + "stores": { + "1": { + "id": "1", + "ip": "test-cluster-tikv-1.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 16, + "podName": "test-cluster-tikv-1", + "state": "Up" + }, + "4": { + "id": "4", + "ip": "test-cluster-tikv-2.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 7, + "podName": "test-cluster-tikv-2", + "state": "Up" + }, + "5": { + "id": "5", + "ip": "test-cluster-tikv-0.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 6, + "podName": "test-cluster-tikv-0", + "state": "Up" + } + }, + "synced": true + } + } + }, + "to_step": { + "trial": "trial-00-0000", + "generation": -1 + }, + "to_state": { + "pod": { + "test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1412", + "self_link": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-jwwwg", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-jwwwg", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://27a3d82f16f69a11bf9dde6813844be50e843e3d53d63a441944e1f441d505f1", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://20f57c8c5b28a8a4e754d8f7119707034f67a46a84eaf63987e9d2de84921b4a", + "exit_code": 1, + "finished_at": "2024-02-27T01:20:24+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T01:20:04+00:00" + }, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 1, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1340", + "self_link": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bclcz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bclcz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://0a7d143f5be0063988eb0aef7c4aa201ac0ecd29e34a77c5d3e3e0c4d420b13f", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1354", + "self_link": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-656c8", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-656c8", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4cfe567e533bd251147cb392cc365315c020abcd2441c32cdfffc0a08ad62b43", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-tidb-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1476", + "self_link": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bn9wq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2ad24452cf6402683212a2d6d2849bc1145c5e44bddeb8e4baa6302f36f3a8c7", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f444e63c46317f049b2930f01b3386f18d2cbd204fef61c0c0959c564a310e03", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.7", + "pod_i_ps": [ + { + "ip": "10.244.1.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1471", + "self_link": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-rw5pc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6fc7c7c9dcb235ad59187d63b85140c79966544c06ac3cb4aad3ed5bf5a5df6b", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f092dd22c8f76105fb6b06a6ecd05efa4e205b3362e4e6c8d9723658411a9931", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.8", + "pod_i_ps": [ + { + "ip": "10.244.2.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tidb-64f7fcc656", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:nodeAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"PodScheduled\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:29:55+00:00" + } + ], + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "2732", + "self_link": null, + "uid": "2e5d49fd-c5d9-4a8f-b18f-3a0d431c120c" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": { + "node_selector_terms": [ + { + "match_expressions": [ + { + "key": "kubernetes.io/hostname", + "operator": "In", + "values": [ + "NONE" + ] + } + ], + "match_fields": null + } + ] + } + }, + "pod_affinity": null, + "pod_anti_affinity": null + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-mplv7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-mplv7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-mplv7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:22:26+00:00", + "message": "0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) didn't match Pod's node affinity/selector. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..", + "reason": "Unschedulable", + "status": "False", + "type": "PodScheduled" + } + ], + "container_statuses": null, + "ephemeral_container_statuses": null, + "host_ip": null, + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Pending", + "pod_ip": null, + "pod_i_ps": null, + "qos_class": "BestEffort", + "reason": null, + "start_time": null + } + }, + "test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1384", + "self_link": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5khkx", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://df4daa47dd320abba4bc8728d6330bef46c1bf0636c96a7d259c383acfbdc5e1", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://c7aed758922ca184352acd913f730d982841dedd2461ef6574289f6d6f11c22b", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:27+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.7", + "pod_i_ps": [ + { + "ip": "10.244.2.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:26+00:00" + } + }, + "test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.6\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1402", + "self_link": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5s7tz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2a903ff218205ca1847d4a658fd553f9f83105cae8e452a0ab49a45a9cb519aa", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://e1f2bab2135a4fc029b9b2e4b8bb1277707a8d62f0459081cbf008887a9f1ae1", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.6", + "pod_i_ps": [ + { + "ip": "10.244.1.6" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + }, + "test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1406", + "self_link": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-b2gzd", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2be24527e2ca73029ada8ae9cba4260d770721b6b115118d852522a43906260e", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://56d376cf937d44d43a9352cdab2a3c102609b651357f357c5062676a99d63dcd", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.7", + "pod_i_ps": [ + { + "ip": "10.244.3.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + } + }, + "deployment_pods": { + "test-cluster-discovery": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-discovery-689d8466cb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "pod-template-hash": "689d8466cb", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"a6ae946c-e641-488e-8d11-8f8a0e04bed1\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + } + ], + "resource_version": "1411", + "self_link": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kvn5p", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kvn5p", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://28e3a899abba97d805ee331d8c6d6c446d517b15a8803a799a37537f194899b1", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "discovery", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:00+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:19:59+00:00" + } + } + ], + "tidb-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-controller-manager-7b6bdb846c-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "7b6bdb846c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"bb205349-db16-4be3-a580-837c95106a43\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:resources": { + ".": {}, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + } + ], + "resource_version": "772", + "self_link": null, + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-cwpt2", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-cwpt2", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://caea90884ede486bbd27d844516f0cc0e2902939d2af7a26eb8e979f7a95f801", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ], + "tidb-scheduler": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-scheduler-77874455fc-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "77874455fc" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c9b2667a-583a-46ba-9e81-967fa44bd897\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + } + ], + "resource_version": "792", + "self_link": null, + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-8nw56", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f2223ddc3676158fe84acccc0915ced286e7cbdff99b443ff4b154774a88a874", + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_id": "k8s.gcr.io/kube-scheduler@sha256:9748f115f11151a0e5ffda770f696bef46371b819a84b95e77bbfc7843b64404", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "kube-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:36+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d8f8fb1a875d8c68c580f21b9aab9d182a3f31657b2bb3ef878c85ac42128d55", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"2379\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"config-file\",\"path\":\"pd.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"startup-script\",\"path\":\"pd_start_script.sh\"}]}}],\"containers\":[{\"name\":\"pd\",\"image\":\"pingcap/pd:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/pd_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":2380,\"protocol\":\"TCP\"},{\"name\":\"client\",\"containerPort\":2379,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"PEER_SERVICE_NAME\",\"value\":\"test-cluster-pd-peer\"},{\"name\":\"SERVICE_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"SET_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/pd\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"pd\",\"mountPath\":\"/var/lib/pd\"}],\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"pd\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"10Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-pd-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1238", + "self_link": null, + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-pd-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "pd", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-pd-859db88ddf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-pd-859db88ddf", + "updated_replicas": 3 + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"10080\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"config-file\",\"path\":\"tidb.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tidb_start_script.sh\"}]}},{\"name\":\"slowlog\",\"emptyDir\":{}}],\"containers\":[{\"name\":\"slowlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tidb\",\"image\":\"pingcap/tidb:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tidb_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":4000,\"protocol\":\"TCP\"},{\"name\":\"status\",\"containerPort\":10080,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"BINLOG_ENABLED\",\"value\":\"false\"},{\"name\":\"SLOW_LOG_FILE\",\"value\":\"/var/log/tidb/slowlog\"},{\"name\":\"POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}},{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tidb-peer\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tidb\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"readinessProbe\":{\"tcpSocket\":{\"port\":4000},\"initialDelaySeconds\":10},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"serviceName\":\"test-cluster-tidb-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}},\"revisionHistoryLimit\":10}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 4, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:readyReplicas": {}, + "f:replicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:observedGeneration": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:29:55+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:29:55+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "2733", + "self_link": null, + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tidb-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": null + }, + "status": { + "available_replicas": 2, + "collision_count": 0, + "conditions": null, + "current_replicas": 2, + "current_revision": "test-cluster-tidb-788bdc6cfc", + "observed_generation": 4, + "ready_replicas": 2, + "replicas": 3, + "update_revision": "test-cluster-tidb-788bdc6cfc", + "updated_replicas": 2 + } + }, + "test-cluster-tikv": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"20180\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"config-file\",\"path\":\"tikv.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tikv_start_script.sh\"}]}}],\"containers\":[{\"name\":\"raftlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tikv\",\"image\":\"pingcap/tikv:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tikv_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":20160,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tikv-peer\"},{\"name\":\"CAPACITY\",\"value\":\"0\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tikv\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"}],\"imagePullPolicy\":\"IfNotPresent\",\"securityContext\":{\"privileged\":false}}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"tikv\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"100Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-tikv-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1257", + "self_link": null, + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tikv-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "tikv", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tikv-797dfd54bf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tikv-797dfd54bf", + "updated_replicas": 3 + } + } + }, + "deployment": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1", + "pingcap.com/last-applied-configuration": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}", + "pingcap.com/last-applied-podtemplate": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {}, + "f:pingcap.com/last-applied-podtemplate": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:progressDeadlineSeconds": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:strategy": { + "f:type": {} + }, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + "k:{\"type\":\"Available\"}": { + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {} + }, + "k:{\"type\":\"Progressing\"}": { + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {} + } + }, + "f:readyReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1026", + "self_link": null, + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "strategy": { + "rolling_update": null, + "type": "Recreate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:20:01+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:59+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "ReplicaSet \"test-cluster-discovery-689d8466cb\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:tcpSocket": { + "f:port": {} + } + }, + "f:name": {}, + "f:resources": { + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "782", + "self_link": null, + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:30+00:00", + "last_update_time": "2024-02-27T01:19:30+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:35+00:00", + "message": "ReplicaSet \"tidb-controller-manager-7b6bdb846c\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-scheduler": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {}, + "f:volumes": { + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "803", + "self_link": null, + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:32+00:00", + "last_update_time": "2024-02-27T01:19:32+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:37+00:00", + "message": "ReplicaSet \"tidb-scheduler-77874455fc\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIZ5THVDJZXfowDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwMTEzMzJaFw0zNDAyMjQwMTE4MzJaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC1Y4Rwx+jwrwtDWJJOZ5NwOv+A8BinI3IHkXxnDLtH/gQzmHBGaJzQA78w\nLenHuRBNkouaCJ3LzEcivIhb40aYsM8uwu2eTQBEHBENK3OxkJ9QTr5fmYDLwBvb\nj7cvsRExy9fQV9ObFYJPDIw5u6DgiyXRbT2PFDuet6rwVFShRlrrIJ+iL5WtWvKK\n0Kn2qO9/iSSdDUcIIXP07pzVPYDrg+tlND4YrdIgl8LYqBiF1wDloi+Zl09vOGmt\nLbDY5mvkQxlSpUcIviLLNHbQ7KMLTzIZz2gvzWEPyQ20mWWiwDWdTB4H2w9Qiu42\n99G9Q8CglQtExnt56cSkqdJhJvwfAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQk8EwlGFM1CP/e8qI04IrQOALf1jAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQBXUKZmiMjl\nMbH5fAemGhfEC019prVPcP7ABB5cIq+V8bsPzGjhEv/+ZTeqwzYM8gU4Dq+vFErz\n2Mx55UmHkqo/yamqnKm19LvuSRmdE0Bhww4/WanACPJjvRJRh85IsI/cKiFPziIl\n0JbqWiV2o7HEDpLDA0Ya7fGSfQGmbgz3wo7+yU80eU9blO7J3fclTKfrDgvCERQO\nqqztfNuP/tOD42f2+El7F4O+yReF/aXA3BvQDNa2zT8PRs+dNFmQNwW12VVnFbuZ\nm0cbmXKnQs7Zm5gE9kqk0zjQRvd7UDLQC0YTBUBK7L18piQN0PdwySvsJkvMZkhn\nI5yzUmqVRIMn\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:22+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "99d40a37-6559-48b4-b71a-a3dd53006a1f" + } + }, + "test-cluster-pd-3731616": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[dashboard]\n internal-proxy = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start pd containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\n# the general form of variable PEER_SERVICE_NAME is: \"-pd-peer\"\ncluster_name=`echo ${PEER_SERVICE_NAME} | sed 's/-pd-peer//'`\ndomain=\"${POD_NAME}.${PEER_SERVICE_NAME}.${NAMESPACE}.svc\"\ndiscovery_url=\"${cluster_name}-discovery.${NAMESPACE}.svc:10261\"\nencoded_domain_url=`echo ${domain}:2380 | base64 | tr \"\\n\" \" \" | sed \"s/ //g\"`\nelapseTime=0\nperiod=1\nthreshold=30\nwhile true; do\nsleep ${period}\nelapseTime=$(( elapseTime+period ))\n\nif [[ ${elapseTime} -ge ${threshold} ]]\nthen\necho \"waiting for pd cluster ready timeout\" >&2\nexit 1\nfi\n\nif nslookup ${domain} 2>/dev/null\nthen\necho \"nslookup domain ${domain}.svc success\"\nbreak\nelse\necho \"nslookup domain ${domain} failed\" >&2\nfi\ndone\n\nARGS=\"--data-dir=/var/lib/pd \\\n--name=${POD_NAME} \\\n--peer-urls=http://0.0.0.0:2380 \\\n--advertise-peer-urls=http://${domain}:2380 \\\n--client-urls=http://0.0.0.0:2379 \\\n--advertise-client-urls=http://${domain}:2379 \\\n--config=/etc/pd/pd.toml \\\n\"\n\nif [[ -f /var/lib/pd/join ]]\nthen\n# The content of the join file is:\n# demo-pd-0=http://demo-pd-0.demo-pd-peer.demo.svc:2380,demo-pd-1=http://demo-pd-1.demo-pd-peer.demo.svc:2380\n# The --join args must be:\n# --join=http://demo-pd-0.demo-pd-peer.demo.svc:2380,http://demo-pd-1.demo-pd-peer.demo.svc:2380\njoin=`cat /var/lib/pd/join | tr \",\" \"\\n\" | awk -F'=' '{print $2}' | tr \"\\n\" \",\"`\njoin=${join%,}\nARGS=\"${ARGS} --join=${join}\"\nelif [[ ! -d /var/lib/pd/member/wal ]]\nthen\nuntil result=$(wget -qO- -T 3 http://${discovery_url}/new/${encoded_domain_url} 2>/dev/null); do\necho \"waiting for discovery service to return start args ...\"\nsleep $((RANDOM % 5))\ndone\nARGS=\"${ARGS}${result}\"\nfi\n\necho \"starting pd-server ...\"\nsleep $((RANDOM % 10))\necho \"/pd-server ${ARGS}\"\nexec /pd-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-3731616", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "878", + "self_link": null, + "uid": "e8f0acba-3029-41d3-97f4-d296393f3014" + } + }, + "test-cluster-tidb-6662316": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tidb containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--store=tikv \\\n--advertise-address=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc \\\n--host=0.0.0.0 \\\n--path=${CLUSTER_NAME}-pd:2379 \\\n--config=/etc/tidb/tidb.toml\n\"\n\nif [[ X${BINLOG_ENABLED:-} == Xtrue ]]\nthen\n ARGS=\"${ARGS} --enable-binlog=true\"\nfi\n\nSLOW_LOG_FILE=${SLOW_LOG_FILE:-\"\"}\nif [[ ! -z \"${SLOW_LOG_FILE}\" ]]\nthen\n ARGS=\"${ARGS} --log-slow-query=${SLOW_LOG_FILE:-}\"\nfi\n\necho \"start tidb-server ...\"\necho \"/tidb-server ${ARGS}\"\nexec /tidb-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-6662316", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1334", + "self_link": null, + "uid": "5d469b64-8189-40ac-ac5d-66c114e75604" + } + }, + "test-cluster-tikv-3831336": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "log-level = \"info\"\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tikv containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n\techo \"entering debug mode.\"\n\ttail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--pd=http://${CLUSTER_NAME}-pd:2379 \\\n--advertise-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20160 \\\n--addr=0.0.0.0:20160 \\\n--status-addr=0.0.0.0:20180 \\\n--advertise-status-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20180 \\\n--data-dir=/var/lib/tikv \\\n--capacity=${CAPACITY} \\\n--config=/etc/tikv/tikv.toml\n\"\n\nif [ ! -z \"${STORE_LABELS:-}\" ]; then\n LABELS=\" --labels ${STORE_LABELS} \"\n ARGS=\"${ARGS}${LABELS}\"\nfi\n\necho \"starting tikv-server ...\"\necho \"/tikv-server ${ARGS}\"\nexec /tikv-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-3831336", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1084", + "self_link": null, + "uid": "b38eb8e1-5d60-4588-bc0e-63f9fcd141ed" + } + }, + "tidb-scheduler-config": { + "api_version": null, + "binary_data": null, + "data": { + "scheduler-config.yaml": "\napiVersion: kubescheduler.config.k8s.io/v1beta1\nkind: KubeSchedulerConfiguration\nleaderElection:\n leaderElect: true\n resourceNamespace: acto-namespace\n resourceName: tidb-scheduler\nhealthzBindAddress: 0.0.0.0:10261\nmetricsBindAddress: 0.0.0.0:10261\nprofiles:\n - schedulerName: tidb-scheduler\nextenders:\n - urlPrefix: http://127.0.0.1:10262/scheduler\n filterVerb: filter\n preemptVerb: preempt\n weight: 1\n enableHTTPS: false\n httpTimeout: 30s" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:scheduler-config.yaml": {} + }, + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-config", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "670", + "self_link": null, + "uid": "6638d1a4-a2e6-4b27-9cac-00d69352ad49" + } + } + }, + "service": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"discovery\",\"protocol\":\"TCP\",\"port\":10261,\"targetPort\":10261},{\"name\":\"proxy\",\"protocol\":\"TCP\",\"port\":10262,\"targetPort\":10262}],\"selector\":{\"app.kubernetes.io/component\":\"discovery\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "928", + "self_link": null, + "uid": "dacb197f-8ce0-4941-90a3-0afbc90920be" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.113.100", + "cluster_i_ps": [ + "10.96.113.100" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "node_port": null, + "port": 10261, + "protocol": "TCP", + "target_port": 10261 + }, + { + "app_protocol": null, + "name": "proxy", + "node_port": null, + "port": 10262, + "protocol": "TCP", + "target_port": 10262 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"client\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "866", + "self_link": null, + "uid": "bfca2001-d6f7-43f8-a2a7-49cd50d33a5c" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.11.162", + "cluster_i_ps": [ + "10.96.11.162" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"tcp-peer-2380\",\"protocol\":\"TCP\",\"port\":2380,\"targetPort\":2380},{\"name\":\"tcp-peer-2379\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "873", + "self_link": null, + "uid": "4be4a2f6-d8ec-4083-8b16-079122485476" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2380", + "node_port": null, + "port": 2380, + "protocol": "TCP", + "target_port": 2380 + }, + { + "app_protocol": null, + "name": "tcp-peer-2379", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"mysql-client\",\"protocol\":\"TCP\",\"port\":4000,\"targetPort\":4000,\"nodePort\":31115},{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080,\"nodePort\":32125}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"NodePort\",\"externalTrafficPolicy\":\"Local\"}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:externalTrafficPolicy": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1420", + "self_link": null, + "uid": "cfb9a88d-a203-4da8-9845-679a2d34ddae" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.9.145", + "cluster_i_ps": [ + "10.96.9.145" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": "Local", + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "mysql-client", + "node_port": 31115, + "port": 4000, + "protocol": "TCP", + "target_port": 4000 + }, + { + "app_protocol": null, + "name": "status", + "node_port": 32125, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "NodePort" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1324", + "self_link": null, + "uid": "abae9ada-e2f2-4dd5-b77d-f56c4bd4422f" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "node_port": null, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"peer\",\"protocol\":\"TCP\",\"port\":20160,\"targetPort\":20160}],\"selector\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1083", + "self_link": null, + "uid": "c2fcd9d2-d1cf-48b4-9d62-c8c5d2555f3b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "node_port": null, + "port": 20160, + "protocol": "TCP", + "target_port": 20160 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "pd-test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1415", + "self_link": null, + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1342", + "self_link": null, + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1361", + "self_link": null, + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1390", + "self_link": null, + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1404", + "self_link": null, + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-36ffe414-4968-4c09-977a-799a62b46134" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:01Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "531c0eca-2805-49f4-b843-7390f011d559" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "port": 10261, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "proxy", + "port": 10262, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:26Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "6458dd97-d77d-44d1-9d13-4e1bff4b941d" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "port": 2379, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:05Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1034", + "self_link": null, + "uid": "0c1a4e11-f222-4597-8c09-480fa11c8847" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-pd-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": "test-cluster-pd-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": "test-cluster-pd-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2379", + "port": 2379, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-peer-2380", + "port": 2380, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1594", + "self_link": null, + "uid": "92b151e9-478a-40fd-8af2-02348b397057" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": null, + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mysql-client", + "port": 4000, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1698", + "self_link": null, + "uid": "709cfbb2-a95b-4f52-8847-e56b0adbf616" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tidb-0", + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": "test-cluster-tidb-1", + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:27Z" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1255", + "self_link": null, + "uid": "51825553-b652-45c7-b9ed-a12f85fb7489" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tikv-1", + "ip": "10.244.1.6", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + } + }, + { + "hostname": "test-cluster-tikv-0", + "ip": "10.244.2.7", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + } + }, + { + "hostname": "test-cluster-tikv-2", + "ip": "10.244.3.7", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "port": 20160, + "protocol": "TCP" + } + ] + } + ] + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"tidb-controller-manager-7b6bdb846c-75s8q\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-27T01:19:52Z\",\"renewTime\":\"2024-02-27T01:37:53Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:37:53+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "3786", + "self_link": null, + "uid": "f34e8ea1-3cf4-4632-8f1c-639acd494b56" + }, + "subsets": null + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "629", + "self_link": null, + "uid": "b35afad6-609f-438c-b513-54693f9f507b" + }, + "secrets": null + }, + "test-cluster-discovery": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "849", + "self_link": null, + "uid": "0fd11616-b3a2-4bd2-adaa-fcfa072bd781" + }, + "secrets": null + }, + "tidb-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "668", + "self_link": null, + "uid": "64ae3b2d-b193-4773-9789-6a843c16a808" + }, + "secrets": null + }, + "tidb-scheduler": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "669", + "self_link": null, + "uid": "9c95f44c-e826-4847-a2ca-cb7af4ea3f60" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:rules": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "848", + "self_link": null, + "uid": "0239b8e9-c3cf-4178-b83b-897dcc08e31e" + }, + "rules": [ + { + "api_groups": [ + "pingcap.com" + ], + "non_resource_ur_ls": null, + "resource_names": [ + "test-cluster" + ], + "resources": [ + "tidbclusters" + ], + "verbs": [ + "get" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "secrets" + ], + "verbs": [ + "get", + "list", + "watch" + ] + } + ] + } + }, + "role_binding": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "852", + "self_link": null, + "uid": "80f61952-9b43-4d3d-8085-809784c1c77f" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "test-cluster-discovery" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "test-cluster-discovery", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "configUpdateStrategy": "RollingUpdate", + "discovery": {}, + "enableDynamicConfiguration": true, + "enablePVReclaim": false, + "helper": { + "image": "busybox:1.34.1" + }, + "imagePullPolicy": "IfNotPresent", + "pd": { + "baseImage": "pingcap/pd", + "config": "[dashboard]\n internal-proxy = true\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "10Gi" + } + }, + "pvReclaimPolicy": "Retain", + "tidb": { + "baseImage": "pingcap/tidb", + "config": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "maxFailoverCount": 0, + "replicas": 3, + "service": { + "externalTrafficPolicy": "Local", + "type": "NodePort" + } + }, + "tikv": { + "baseImage": "pingcap/tikv", + "config": "log-level = \"info\"\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "100Gi" + }, + "separateRaftLog": true + }, + "timezone": "UTC", + "tlsCluster": {}, + "version": "v5.4.0" + }, + "custom_resource_status": { + "clusterID": "7340085439264123903", + "conditions": [ + { + "lastTransitionTime": "2024-02-27T01:21:54Z", + "lastUpdateTime": "2024-02-27T01:29:57Z", + "message": "TiDB(s) are not healthy", + "reason": "TiDBUnhealthy", + "status": "False", + "type": "Ready" + } + ], + "pd": { + "image": "pingcap/pd:v5.4.0", + "leader": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + }, + "members": { + "test-cluster-pd-0": { + "clientURL": "http://test-cluster-pd-0.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "1141335897322686879", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "name": "test-cluster-pd-0" + }, + "test-cluster-pd-1": { + "clientURL": "http://test-cluster-pd-1.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "13142663148032253862", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-1" + }, + "test-cluster-pd-2": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-pd-859db88ddf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-pd-859db88ddf", + "updatedReplicas": 3 + }, + "synced": true + }, + "pump": {}, + "ticdc": {}, + "tidb": { + "image": "pingcap/tidb:v5.4.0", + "members": { + "test-cluster-tidb-0": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-0", + "node": "acto-0-cluster-0-worker" + }, + "test-cluster-tidb-1": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-1", + "node": "acto-0-cluster-0-worker2" + }, + "test-cluster-tidb-2": { + "health": false, + "lastTransitionTime": "2024-02-27T01:22:28Z", + "name": "test-cluster-tidb-2" + } + }, + "phase": "Upgrade", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 2, + "currentRevision": "test-cluster-tidb-788bdc6cfc", + "observedGeneration": 4, + "readyReplicas": 2, + "replicas": 3, + "updateRevision": "test-cluster-tidb-788bdc6cfc", + "updatedReplicas": 2 + } + }, + "tiflash": {}, + "tikv": { + "bootStrapped": true, + "image": "pingcap/tikv:v5.4.0", + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tikv-797dfd54bf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tikv-797dfd54bf", + "updatedReplicas": 3 + }, + "stores": { + "1": { + "id": "1", + "ip": "test-cluster-tikv-1.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 16, + "podName": "test-cluster-tikv-1", + "state": "Up" + }, + "4": { + "id": "4", + "ip": "test-cluster-tikv-2.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 7, + "podName": "test-cluster-tikv-2", + "state": "Up" + }, + "5": { + "id": "5", + "ip": "test-cluster-tikv-0.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 6, + "podName": "test-cluster-tikv-0", + "state": "Up" + } + }, + "synced": true + } + } + } + }, + "custom": null + } +} diff --git a/docs/alarm_examples/misoperation/system-state--01.json b/docs/alarm_examples/misoperation/system-state--01.json new file mode 100644 index 0000000000..d17ec21da3 --- /dev/null +++ b/docs/alarm_examples/misoperation/system-state--01.json @@ -0,0 +1,15715 @@ +{ + "pod": { + "test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1412", + "self_link": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-jwwwg", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-jwwwg", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://27a3d82f16f69a11bf9dde6813844be50e843e3d53d63a441944e1f441d505f1", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://20f57c8c5b28a8a4e754d8f7119707034f67a46a84eaf63987e9d2de84921b4a", + "exit_code": 1, + "finished_at": "2024-02-27T01:20:24+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T01:20:04+00:00" + }, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 1, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1340", + "self_link": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bclcz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bclcz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://0a7d143f5be0063988eb0aef7c4aa201ac0ecd29e34a77c5d3e3e0c4d420b13f", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1354", + "self_link": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-656c8", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-656c8", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4cfe567e533bd251147cb392cc365315c020abcd2441c32cdfffc0a08ad62b43", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-tidb-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1476", + "self_link": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bn9wq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2ad24452cf6402683212a2d6d2849bc1145c5e44bddeb8e4baa6302f36f3a8c7", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f444e63c46317f049b2930f01b3386f18d2cbd204fef61c0c0959c564a310e03", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.7", + "pod_i_ps": [ + { + "ip": "10.244.1.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1471", + "self_link": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-rw5pc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6fc7c7c9dcb235ad59187d63b85140c79966544c06ac3cb4aad3ed5bf5a5df6b", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f092dd22c8f76105fb6b06a6ecd05efa4e205b3362e4e6c8d9723658411a9931", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.8", + "pod_i_ps": [ + { + "ip": "10.244.2.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tidb-64f7fcc656", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:nodeAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"PodScheduled\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:29:55+00:00" + } + ], + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "2732", + "self_link": null, + "uid": "2e5d49fd-c5d9-4a8f-b18f-3a0d431c120c" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": { + "node_selector_terms": [ + { + "match_expressions": [ + { + "key": "kubernetes.io/hostname", + "operator": "In", + "values": [ + "NONE" + ] + } + ], + "match_fields": null + } + ] + } + }, + "pod_affinity": null, + "pod_anti_affinity": null + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-mplv7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-mplv7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-mplv7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:22:26+00:00", + "message": "0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) didn't match Pod's node affinity/selector. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..", + "reason": "Unschedulable", + "status": "False", + "type": "PodScheduled" + } + ], + "container_statuses": null, + "ephemeral_container_statuses": null, + "host_ip": null, + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Pending", + "pod_ip": null, + "pod_i_ps": null, + "qos_class": "BestEffort", + "reason": null, + "start_time": null + } + }, + "test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1384", + "self_link": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5khkx", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://df4daa47dd320abba4bc8728d6330bef46c1bf0636c96a7d259c383acfbdc5e1", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://c7aed758922ca184352acd913f730d982841dedd2461ef6574289f6d6f11c22b", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:27+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.7", + "pod_i_ps": [ + { + "ip": "10.244.2.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:26+00:00" + } + }, + "test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.6\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1402", + "self_link": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5s7tz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2a903ff218205ca1847d4a658fd553f9f83105cae8e452a0ab49a45a9cb519aa", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://e1f2bab2135a4fc029b9b2e4b8bb1277707a8d62f0459081cbf008887a9f1ae1", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.6", + "pod_i_ps": [ + { + "ip": "10.244.1.6" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + }, + "test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1406", + "self_link": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-b2gzd", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2be24527e2ca73029ada8ae9cba4260d770721b6b115118d852522a43906260e", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://56d376cf937d44d43a9352cdab2a3c102609b651357f357c5062676a99d63dcd", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.7", + "pod_i_ps": [ + { + "ip": "10.244.3.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + } + }, + "deployment_pods": { + "test-cluster-discovery": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-discovery-689d8466cb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "pod-template-hash": "689d8466cb", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"a6ae946c-e641-488e-8d11-8f8a0e04bed1\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + } + ], + "resource_version": "1411", + "self_link": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kvn5p", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kvn5p", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://28e3a899abba97d805ee331d8c6d6c446d517b15a8803a799a37537f194899b1", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "discovery", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:00+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:19:59+00:00" + } + } + ], + "tidb-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-controller-manager-7b6bdb846c-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "7b6bdb846c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"bb205349-db16-4be3-a580-837c95106a43\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:resources": { + ".": {}, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + } + ], + "resource_version": "772", + "self_link": null, + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-cwpt2", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-cwpt2", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://caea90884ede486bbd27d844516f0cc0e2902939d2af7a26eb8e979f7a95f801", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ], + "tidb-scheduler": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-scheduler-77874455fc-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "77874455fc" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c9b2667a-583a-46ba-9e81-967fa44bd897\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + } + ], + "resource_version": "792", + "self_link": null, + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-8nw56", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f2223ddc3676158fe84acccc0915ced286e7cbdff99b443ff4b154774a88a874", + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_id": "k8s.gcr.io/kube-scheduler@sha256:9748f115f11151a0e5ffda770f696bef46371b819a84b95e77bbfc7843b64404", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "kube-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:36+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d8f8fb1a875d8c68c580f21b9aab9d182a3f31657b2bb3ef878c85ac42128d55", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"2379\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"config-file\",\"path\":\"pd.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"startup-script\",\"path\":\"pd_start_script.sh\"}]}}],\"containers\":[{\"name\":\"pd\",\"image\":\"pingcap/pd:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/pd_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":2380,\"protocol\":\"TCP\"},{\"name\":\"client\",\"containerPort\":2379,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"PEER_SERVICE_NAME\",\"value\":\"test-cluster-pd-peer\"},{\"name\":\"SERVICE_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"SET_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/pd\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"pd\",\"mountPath\":\"/var/lib/pd\"}],\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"pd\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"10Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-pd-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1238", + "self_link": null, + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-pd-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "pd", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-pd-859db88ddf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-pd-859db88ddf", + "updated_replicas": 3 + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"10080\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"config-file\",\"path\":\"tidb.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tidb_start_script.sh\"}]}},{\"name\":\"slowlog\",\"emptyDir\":{}}],\"containers\":[{\"name\":\"slowlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tidb\",\"image\":\"pingcap/tidb:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tidb_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":4000,\"protocol\":\"TCP\"},{\"name\":\"status\",\"containerPort\":10080,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"BINLOG_ENABLED\",\"value\":\"false\"},{\"name\":\"SLOW_LOG_FILE\",\"value\":\"/var/log/tidb/slowlog\"},{\"name\":\"POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}},{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tidb-peer\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tidb\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"readinessProbe\":{\"tcpSocket\":{\"port\":4000},\"initialDelaySeconds\":10},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"serviceName\":\"test-cluster-tidb-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}},\"revisionHistoryLimit\":10}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 4, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:readyReplicas": {}, + "f:replicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:observedGeneration": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:29:55+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:29:55+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "2733", + "self_link": null, + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tidb-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": null + }, + "status": { + "available_replicas": 2, + "collision_count": 0, + "conditions": null, + "current_replicas": 2, + "current_revision": "test-cluster-tidb-788bdc6cfc", + "observed_generation": 4, + "ready_replicas": 2, + "replicas": 3, + "update_revision": "test-cluster-tidb-788bdc6cfc", + "updated_replicas": 2 + } + }, + "test-cluster-tikv": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"20180\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"config-file\",\"path\":\"tikv.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tikv_start_script.sh\"}]}}],\"containers\":[{\"name\":\"raftlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tikv\",\"image\":\"pingcap/tikv:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tikv_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":20160,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tikv-peer\"},{\"name\":\"CAPACITY\",\"value\":\"0\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tikv\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"}],\"imagePullPolicy\":\"IfNotPresent\",\"securityContext\":{\"privileged\":false}}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"tikv\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"100Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-tikv-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1257", + "self_link": null, + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tikv-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "tikv", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tikv-797dfd54bf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tikv-797dfd54bf", + "updated_replicas": 3 + } + } + }, + "deployment": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1", + "pingcap.com/last-applied-configuration": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}", + "pingcap.com/last-applied-podtemplate": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {}, + "f:pingcap.com/last-applied-podtemplate": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:progressDeadlineSeconds": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:strategy": { + "f:type": {} + }, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + "k:{\"type\":\"Available\"}": { + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {} + }, + "k:{\"type\":\"Progressing\"}": { + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {} + } + }, + "f:readyReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1026", + "self_link": null, + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "strategy": { + "rolling_update": null, + "type": "Recreate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:20:01+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:59+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "ReplicaSet \"test-cluster-discovery-689d8466cb\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:tcpSocket": { + "f:port": {} + } + }, + "f:name": {}, + "f:resources": { + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "782", + "self_link": null, + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:30+00:00", + "last_update_time": "2024-02-27T01:19:30+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:35+00:00", + "message": "ReplicaSet \"tidb-controller-manager-7b6bdb846c\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-scheduler": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {}, + "f:volumes": { + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "803", + "self_link": null, + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:32+00:00", + "last_update_time": "2024-02-27T01:19:32+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:37+00:00", + "message": "ReplicaSet \"tidb-scheduler-77874455fc\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIZ5THVDJZXfowDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwMTEzMzJaFw0zNDAyMjQwMTE4MzJaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC1Y4Rwx+jwrwtDWJJOZ5NwOv+A8BinI3IHkXxnDLtH/gQzmHBGaJzQA78w\nLenHuRBNkouaCJ3LzEcivIhb40aYsM8uwu2eTQBEHBENK3OxkJ9QTr5fmYDLwBvb\nj7cvsRExy9fQV9ObFYJPDIw5u6DgiyXRbT2PFDuet6rwVFShRlrrIJ+iL5WtWvKK\n0Kn2qO9/iSSdDUcIIXP07pzVPYDrg+tlND4YrdIgl8LYqBiF1wDloi+Zl09vOGmt\nLbDY5mvkQxlSpUcIviLLNHbQ7KMLTzIZz2gvzWEPyQ20mWWiwDWdTB4H2w9Qiu42\n99G9Q8CglQtExnt56cSkqdJhJvwfAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQk8EwlGFM1CP/e8qI04IrQOALf1jAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQBXUKZmiMjl\nMbH5fAemGhfEC019prVPcP7ABB5cIq+V8bsPzGjhEv/+ZTeqwzYM8gU4Dq+vFErz\n2Mx55UmHkqo/yamqnKm19LvuSRmdE0Bhww4/WanACPJjvRJRh85IsI/cKiFPziIl\n0JbqWiV2o7HEDpLDA0Ya7fGSfQGmbgz3wo7+yU80eU9blO7J3fclTKfrDgvCERQO\nqqztfNuP/tOD42f2+El7F4O+yReF/aXA3BvQDNa2zT8PRs+dNFmQNwW12VVnFbuZ\nm0cbmXKnQs7Zm5gE9kqk0zjQRvd7UDLQC0YTBUBK7L18piQN0PdwySvsJkvMZkhn\nI5yzUmqVRIMn\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:22+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "99d40a37-6559-48b4-b71a-a3dd53006a1f" + } + }, + "test-cluster-pd-3731616": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[dashboard]\n internal-proxy = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start pd containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\n# the general form of variable PEER_SERVICE_NAME is: \"-pd-peer\"\ncluster_name=`echo ${PEER_SERVICE_NAME} | sed 's/-pd-peer//'`\ndomain=\"${POD_NAME}.${PEER_SERVICE_NAME}.${NAMESPACE}.svc\"\ndiscovery_url=\"${cluster_name}-discovery.${NAMESPACE}.svc:10261\"\nencoded_domain_url=`echo ${domain}:2380 | base64 | tr \"\\n\" \" \" | sed \"s/ //g\"`\nelapseTime=0\nperiod=1\nthreshold=30\nwhile true; do\nsleep ${period}\nelapseTime=$(( elapseTime+period ))\n\nif [[ ${elapseTime} -ge ${threshold} ]]\nthen\necho \"waiting for pd cluster ready timeout\" >&2\nexit 1\nfi\n\nif nslookup ${domain} 2>/dev/null\nthen\necho \"nslookup domain ${domain}.svc success\"\nbreak\nelse\necho \"nslookup domain ${domain} failed\" >&2\nfi\ndone\n\nARGS=\"--data-dir=/var/lib/pd \\\n--name=${POD_NAME} \\\n--peer-urls=http://0.0.0.0:2380 \\\n--advertise-peer-urls=http://${domain}:2380 \\\n--client-urls=http://0.0.0.0:2379 \\\n--advertise-client-urls=http://${domain}:2379 \\\n--config=/etc/pd/pd.toml \\\n\"\n\nif [[ -f /var/lib/pd/join ]]\nthen\n# The content of the join file is:\n# demo-pd-0=http://demo-pd-0.demo-pd-peer.demo.svc:2380,demo-pd-1=http://demo-pd-1.demo-pd-peer.demo.svc:2380\n# The --join args must be:\n# --join=http://demo-pd-0.demo-pd-peer.demo.svc:2380,http://demo-pd-1.demo-pd-peer.demo.svc:2380\njoin=`cat /var/lib/pd/join | tr \",\" \"\\n\" | awk -F'=' '{print $2}' | tr \"\\n\" \",\"`\njoin=${join%,}\nARGS=\"${ARGS} --join=${join}\"\nelif [[ ! -d /var/lib/pd/member/wal ]]\nthen\nuntil result=$(wget -qO- -T 3 http://${discovery_url}/new/${encoded_domain_url} 2>/dev/null); do\necho \"waiting for discovery service to return start args ...\"\nsleep $((RANDOM % 5))\ndone\nARGS=\"${ARGS}${result}\"\nfi\n\necho \"starting pd-server ...\"\nsleep $((RANDOM % 10))\necho \"/pd-server ${ARGS}\"\nexec /pd-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-3731616", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "878", + "self_link": null, + "uid": "e8f0acba-3029-41d3-97f4-d296393f3014" + } + }, + "test-cluster-tidb-6662316": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tidb containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--store=tikv \\\n--advertise-address=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc \\\n--host=0.0.0.0 \\\n--path=${CLUSTER_NAME}-pd:2379 \\\n--config=/etc/tidb/tidb.toml\n\"\n\nif [[ X${BINLOG_ENABLED:-} == Xtrue ]]\nthen\n ARGS=\"${ARGS} --enable-binlog=true\"\nfi\n\nSLOW_LOG_FILE=${SLOW_LOG_FILE:-\"\"}\nif [[ ! -z \"${SLOW_LOG_FILE}\" ]]\nthen\n ARGS=\"${ARGS} --log-slow-query=${SLOW_LOG_FILE:-}\"\nfi\n\necho \"start tidb-server ...\"\necho \"/tidb-server ${ARGS}\"\nexec /tidb-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-6662316", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1334", + "self_link": null, + "uid": "5d469b64-8189-40ac-ac5d-66c114e75604" + } + }, + "test-cluster-tikv-3831336": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "log-level = \"info\"\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tikv containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n\techo \"entering debug mode.\"\n\ttail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--pd=http://${CLUSTER_NAME}-pd:2379 \\\n--advertise-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20160 \\\n--addr=0.0.0.0:20160 \\\n--status-addr=0.0.0.0:20180 \\\n--advertise-status-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20180 \\\n--data-dir=/var/lib/tikv \\\n--capacity=${CAPACITY} \\\n--config=/etc/tikv/tikv.toml\n\"\n\nif [ ! -z \"${STORE_LABELS:-}\" ]; then\n LABELS=\" --labels ${STORE_LABELS} \"\n ARGS=\"${ARGS}${LABELS}\"\nfi\n\necho \"starting tikv-server ...\"\necho \"/tikv-server ${ARGS}\"\nexec /tikv-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-3831336", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1084", + "self_link": null, + "uid": "b38eb8e1-5d60-4588-bc0e-63f9fcd141ed" + } + }, + "tidb-scheduler-config": { + "api_version": null, + "binary_data": null, + "data": { + "scheduler-config.yaml": "\napiVersion: kubescheduler.config.k8s.io/v1beta1\nkind: KubeSchedulerConfiguration\nleaderElection:\n leaderElect: true\n resourceNamespace: acto-namespace\n resourceName: tidb-scheduler\nhealthzBindAddress: 0.0.0.0:10261\nmetricsBindAddress: 0.0.0.0:10261\nprofiles:\n - schedulerName: tidb-scheduler\nextenders:\n - urlPrefix: http://127.0.0.1:10262/scheduler\n filterVerb: filter\n preemptVerb: preempt\n weight: 1\n enableHTTPS: false\n httpTimeout: 30s" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:scheduler-config.yaml": {} + }, + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-config", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "670", + "self_link": null, + "uid": "6638d1a4-a2e6-4b27-9cac-00d69352ad49" + } + } + }, + "service": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"discovery\",\"protocol\":\"TCP\",\"port\":10261,\"targetPort\":10261},{\"name\":\"proxy\",\"protocol\":\"TCP\",\"port\":10262,\"targetPort\":10262}],\"selector\":{\"app.kubernetes.io/component\":\"discovery\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "928", + "self_link": null, + "uid": "dacb197f-8ce0-4941-90a3-0afbc90920be" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.113.100", + "cluster_i_ps": [ + "10.96.113.100" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "node_port": null, + "port": 10261, + "protocol": "TCP", + "target_port": 10261 + }, + { + "app_protocol": null, + "name": "proxy", + "node_port": null, + "port": 10262, + "protocol": "TCP", + "target_port": 10262 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"client\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "866", + "self_link": null, + "uid": "bfca2001-d6f7-43f8-a2a7-49cd50d33a5c" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.11.162", + "cluster_i_ps": [ + "10.96.11.162" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"tcp-peer-2380\",\"protocol\":\"TCP\",\"port\":2380,\"targetPort\":2380},{\"name\":\"tcp-peer-2379\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "873", + "self_link": null, + "uid": "4be4a2f6-d8ec-4083-8b16-079122485476" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2380", + "node_port": null, + "port": 2380, + "protocol": "TCP", + "target_port": 2380 + }, + { + "app_protocol": null, + "name": "tcp-peer-2379", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"mysql-client\",\"protocol\":\"TCP\",\"port\":4000,\"targetPort\":4000,\"nodePort\":31115},{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080,\"nodePort\":32125}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"NodePort\",\"externalTrafficPolicy\":\"Local\"}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:externalTrafficPolicy": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1420", + "self_link": null, + "uid": "cfb9a88d-a203-4da8-9845-679a2d34ddae" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.9.145", + "cluster_i_ps": [ + "10.96.9.145" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": "Local", + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "mysql-client", + "node_port": 31115, + "port": 4000, + "protocol": "TCP", + "target_port": 4000 + }, + { + "app_protocol": null, + "name": "status", + "node_port": 32125, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "NodePort" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1324", + "self_link": null, + "uid": "abae9ada-e2f2-4dd5-b77d-f56c4bd4422f" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "node_port": null, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"peer\",\"protocol\":\"TCP\",\"port\":20160,\"targetPort\":20160}],\"selector\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1083", + "self_link": null, + "uid": "c2fcd9d2-d1cf-48b4-9d62-c8c5d2555f3b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "node_port": null, + "port": 20160, + "protocol": "TCP", + "target_port": 20160 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "pd-test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1415", + "self_link": null, + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1342", + "self_link": null, + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1361", + "self_link": null, + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1390", + "self_link": null, + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1404", + "self_link": null, + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-36ffe414-4968-4c09-977a-799a62b46134" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:01Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "531c0eca-2805-49f4-b843-7390f011d559" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "port": 10261, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "proxy", + "port": 10262, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:26Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "6458dd97-d77d-44d1-9d13-4e1bff4b941d" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "port": 2379, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:05Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1034", + "self_link": null, + "uid": "0c1a4e11-f222-4597-8c09-480fa11c8847" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-pd-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": "test-cluster-pd-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": "test-cluster-pd-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2379", + "port": 2379, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-peer-2380", + "port": 2380, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1594", + "self_link": null, + "uid": "92b151e9-478a-40fd-8af2-02348b397057" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": null, + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mysql-client", + "port": 4000, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1698", + "self_link": null, + "uid": "709cfbb2-a95b-4f52-8847-e56b0adbf616" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tidb-0", + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": "test-cluster-tidb-1", + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:27Z" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1255", + "self_link": null, + "uid": "51825553-b652-45c7-b9ed-a12f85fb7489" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tikv-1", + "ip": "10.244.1.6", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + } + }, + { + "hostname": "test-cluster-tikv-0", + "ip": "10.244.2.7", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + } + }, + { + "hostname": "test-cluster-tikv-2", + "ip": "10.244.3.7", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "port": 20160, + "protocol": "TCP" + } + ] + } + ] + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"tidb-controller-manager-7b6bdb846c-75s8q\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-27T01:19:52Z\",\"renewTime\":\"2024-02-27T01:37:53Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:37:53+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "3786", + "self_link": null, + "uid": "f34e8ea1-3cf4-4632-8f1c-639acd494b56" + }, + "subsets": null + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "629", + "self_link": null, + "uid": "b35afad6-609f-438c-b513-54693f9f507b" + }, + "secrets": null + }, + "test-cluster-discovery": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "849", + "self_link": null, + "uid": "0fd11616-b3a2-4bd2-adaa-fcfa072bd781" + }, + "secrets": null + }, + "tidb-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "668", + "self_link": null, + "uid": "64ae3b2d-b193-4773-9789-6a843c16a808" + }, + "secrets": null + }, + "tidb-scheduler": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "669", + "self_link": null, + "uid": "9c95f44c-e826-4847-a2ca-cb7af4ea3f60" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:rules": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "848", + "self_link": null, + "uid": "0239b8e9-c3cf-4178-b83b-897dcc08e31e" + }, + "rules": [ + { + "api_groups": [ + "pingcap.com" + ], + "non_resource_ur_ls": null, + "resource_names": [ + "test-cluster" + ], + "resources": [ + "tidbclusters" + ], + "verbs": [ + "get" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "secrets" + ], + "verbs": [ + "get", + "list", + "watch" + ] + } + ] + } + }, + "role_binding": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "852", + "self_link": null, + "uid": "80f61952-9b43-4d3d-8085-809784c1c77f" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "test-cluster-discovery" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "test-cluster-discovery", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "configUpdateStrategy": "RollingUpdate", + "discovery": {}, + "enableDynamicConfiguration": true, + "enablePVReclaim": false, + "helper": { + "image": "busybox:1.34.1" + }, + "imagePullPolicy": "IfNotPresent", + "pd": { + "baseImage": "pingcap/pd", + "config": "[dashboard]\n internal-proxy = true\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "10Gi" + } + }, + "pvReclaimPolicy": "Retain", + "tidb": { + "baseImage": "pingcap/tidb", + "config": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "maxFailoverCount": 0, + "replicas": 3, + "service": { + "externalTrafficPolicy": "Local", + "type": "NodePort" + } + }, + "tikv": { + "baseImage": "pingcap/tikv", + "config": "log-level = \"info\"\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "100Gi" + }, + "separateRaftLog": true + }, + "timezone": "UTC", + "tlsCluster": {}, + "version": "v5.4.0" + }, + "custom_resource_status": { + "clusterID": "7340085439264123903", + "conditions": [ + { + "lastTransitionTime": "2024-02-27T01:21:54Z", + "lastUpdateTime": "2024-02-27T01:29:57Z", + "message": "TiDB(s) are not healthy", + "reason": "TiDBUnhealthy", + "status": "False", + "type": "Ready" + } + ], + "pd": { + "image": "pingcap/pd:v5.4.0", + "leader": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + }, + "members": { + "test-cluster-pd-0": { + "clientURL": "http://test-cluster-pd-0.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "1141335897322686879", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "name": "test-cluster-pd-0" + }, + "test-cluster-pd-1": { + "clientURL": "http://test-cluster-pd-1.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "13142663148032253862", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-1" + }, + "test-cluster-pd-2": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-pd-859db88ddf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-pd-859db88ddf", + "updatedReplicas": 3 + }, + "synced": true + }, + "pump": {}, + "ticdc": {}, + "tidb": { + "image": "pingcap/tidb:v5.4.0", + "members": { + "test-cluster-tidb-0": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-0", + "node": "acto-0-cluster-0-worker" + }, + "test-cluster-tidb-1": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-1", + "node": "acto-0-cluster-0-worker2" + }, + "test-cluster-tidb-2": { + "health": false, + "lastTransitionTime": "2024-02-27T01:22:28Z", + "name": "test-cluster-tidb-2" + } + }, + "phase": "Upgrade", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 2, + "currentRevision": "test-cluster-tidb-788bdc6cfc", + "observedGeneration": 4, + "readyReplicas": 2, + "replicas": 3, + "updateRevision": "test-cluster-tidb-788bdc6cfc", + "updatedReplicas": 2 + } + }, + "tiflash": {}, + "tikv": { + "bootStrapped": true, + "image": "pingcap/tikv:v5.4.0", + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tikv-797dfd54bf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tikv-797dfd54bf", + "updatedReplicas": 3 + }, + "stores": { + "1": { + "id": "1", + "ip": "test-cluster-tikv-1.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 16, + "podName": "test-cluster-tikv-1", + "state": "Up" + }, + "4": { + "id": "4", + "ip": "test-cluster-tikv-2.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 7, + "podName": "test-cluster-tikv-2", + "state": "Up" + }, + "5": { + "id": "5", + "ip": "test-cluster-tikv-0.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 6, + "podName": "test-cluster-tikv-0", + "state": "Up" + } + }, + "synced": true + } + } +} diff --git a/docs/alarm_examples/misoperation/system-state-000.json b/docs/alarm_examples/misoperation/system-state-000.json new file mode 100644 index 0000000000..6bb25a7913 --- /dev/null +++ b/docs/alarm_examples/misoperation/system-state-000.json @@ -0,0 +1,15823 @@ +{ + "pod": { + "test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1412", + "self_link": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-jwwwg", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-jwwwg", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://27a3d82f16f69a11bf9dde6813844be50e843e3d53d63a441944e1f441d505f1", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://20f57c8c5b28a8a4e754d8f7119707034f67a46a84eaf63987e9d2de84921b4a", + "exit_code": 1, + "finished_at": "2024-02-27T01:20:24+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T01:20:04+00:00" + }, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 1, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1340", + "self_link": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bclcz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bclcz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://0a7d143f5be0063988eb0aef7c4aa201ac0ecd29e34a77c5d3e3e0c4d420b13f", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1354", + "self_link": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-656c8", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-656c8", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4cfe567e533bd251147cb392cc365315c020abcd2441c32cdfffc0a08ad62b43", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-tidb-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1476", + "self_link": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bn9wq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2ad24452cf6402683212a2d6d2849bc1145c5e44bddeb8e4baa6302f36f3a8c7", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f444e63c46317f049b2930f01b3386f18d2cbd204fef61c0c0959c564a310e03", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.7", + "pod_i_ps": [ + { + "ip": "10.244.1.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1471", + "self_link": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-rw5pc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6fc7c7c9dcb235ad59187d63b85140c79966544c06ac3cb4aad3ed5bf5a5df6b", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f092dd22c8f76105fb6b06a6ecd05efa4e205b3362e4e6c8d9723658411a9931", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.8", + "pod_i_ps": [ + { + "ip": "10.244.2.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1470", + "self_link": null, + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-ttnk7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-ttnk7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-ttnk7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4993593e5b0431a79020843de23e9df055527d1f4d468ce54c816327bac5e8a5", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://2f71403193259cc83a9ba1542f4c1990c6b5989e88408ade946622d5de34361e", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.8", + "pod_i_ps": [ + { + "ip": "10.244.3.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1384", + "self_link": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5khkx", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://df4daa47dd320abba4bc8728d6330bef46c1bf0636c96a7d259c383acfbdc5e1", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://c7aed758922ca184352acd913f730d982841dedd2461ef6574289f6d6f11c22b", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:27+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.7", + "pod_i_ps": [ + { + "ip": "10.244.2.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:26+00:00" + } + }, + "test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.6\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1402", + "self_link": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5s7tz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2a903ff218205ca1847d4a658fd553f9f83105cae8e452a0ab49a45a9cb519aa", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://e1f2bab2135a4fc029b9b2e4b8bb1277707a8d62f0459081cbf008887a9f1ae1", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.6", + "pod_i_ps": [ + { + "ip": "10.244.1.6" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + }, + "test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1406", + "self_link": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-b2gzd", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2be24527e2ca73029ada8ae9cba4260d770721b6b115118d852522a43906260e", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://56d376cf937d44d43a9352cdab2a3c102609b651357f357c5062676a99d63dcd", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.7", + "pod_i_ps": [ + { + "ip": "10.244.3.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + } + }, + "deployment_pods": { + "test-cluster-discovery": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-discovery-689d8466cb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "pod-template-hash": "689d8466cb", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"a6ae946c-e641-488e-8d11-8f8a0e04bed1\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + } + ], + "resource_version": "1411", + "self_link": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kvn5p", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kvn5p", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://28e3a899abba97d805ee331d8c6d6c446d517b15a8803a799a37537f194899b1", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "discovery", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:00+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:19:59+00:00" + } + } + ], + "tidb-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-controller-manager-7b6bdb846c-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "7b6bdb846c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"bb205349-db16-4be3-a580-837c95106a43\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:resources": { + ".": {}, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + } + ], + "resource_version": "772", + "self_link": null, + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-cwpt2", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-cwpt2", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://caea90884ede486bbd27d844516f0cc0e2902939d2af7a26eb8e979f7a95f801", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ], + "tidb-scheduler": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-scheduler-77874455fc-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "77874455fc" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c9b2667a-583a-46ba-9e81-967fa44bd897\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + } + ], + "resource_version": "792", + "self_link": null, + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-8nw56", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f2223ddc3676158fe84acccc0915ced286e7cbdff99b443ff4b154774a88a874", + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_id": "k8s.gcr.io/kube-scheduler@sha256:9748f115f11151a0e5ffda770f696bef46371b819a84b95e77bbfc7843b64404", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "kube-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:36+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d8f8fb1a875d8c68c580f21b9aab9d182a3f31657b2bb3ef878c85ac42128d55", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"2379\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"config-file\",\"path\":\"pd.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"startup-script\",\"path\":\"pd_start_script.sh\"}]}}],\"containers\":[{\"name\":\"pd\",\"image\":\"pingcap/pd:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/pd_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":2380,\"protocol\":\"TCP\"},{\"name\":\"client\",\"containerPort\":2379,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"PEER_SERVICE_NAME\",\"value\":\"test-cluster-pd-peer\"},{\"name\":\"SERVICE_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"SET_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/pd\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"pd\",\"mountPath\":\"/var/lib/pd\"}],\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"pd\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"10Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-pd-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1238", + "self_link": null, + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-pd-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "pd", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-pd-859db88ddf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-pd-859db88ddf", + "updated_replicas": 3 + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"10080\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"config-file\",\"path\":\"tidb.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tidb_start_script.sh\"}]}},{\"name\":\"slowlog\",\"emptyDir\":{}}],\"containers\":[{\"name\":\"slowlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tidb\",\"image\":\"pingcap/tidb:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tidb_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":4000,\"protocol\":\"TCP\"},{\"name\":\"status\",\"containerPort\":10080,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"BINLOG_ENABLED\",\"value\":\"false\"},{\"name\":\"SLOW_LOG_FILE\",\"value\":\"/var/log/tidb/slowlog\"},{\"name\":\"POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}},{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tidb-peer\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tidb\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"readinessProbe\":{\"tcpSocket\":{\"port\":4000},\"initialDelaySeconds\":10},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"serviceName\":\"test-cluster-tidb-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1484", + "self_link": null, + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tidb-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": null + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tidb-788bdc6cfc", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tidb-788bdc6cfc", + "updated_replicas": 3 + } + }, + "test-cluster-tikv": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"20180\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"config-file\",\"path\":\"tikv.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tikv_start_script.sh\"}]}}],\"containers\":[{\"name\":\"raftlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tikv\",\"image\":\"pingcap/tikv:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tikv_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":20160,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tikv-peer\"},{\"name\":\"CAPACITY\",\"value\":\"0\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tikv\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"}],\"imagePullPolicy\":\"IfNotPresent\",\"securityContext\":{\"privileged\":false}}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"tikv\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"100Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-tikv-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1257", + "self_link": null, + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tikv-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "tikv", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tikv-797dfd54bf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tikv-797dfd54bf", + "updated_replicas": 3 + } + } + }, + "deployment": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1", + "pingcap.com/last-applied-configuration": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}", + "pingcap.com/last-applied-podtemplate": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {}, + "f:pingcap.com/last-applied-podtemplate": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:progressDeadlineSeconds": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:strategy": { + "f:type": {} + }, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + "k:{\"type\":\"Available\"}": { + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {} + }, + "k:{\"type\":\"Progressing\"}": { + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {} + } + }, + "f:readyReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1026", + "self_link": null, + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "strategy": { + "rolling_update": null, + "type": "Recreate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:20:01+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:59+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "ReplicaSet \"test-cluster-discovery-689d8466cb\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:tcpSocket": { + "f:port": {} + } + }, + "f:name": {}, + "f:resources": { + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "782", + "self_link": null, + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:30+00:00", + "last_update_time": "2024-02-27T01:19:30+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:35+00:00", + "message": "ReplicaSet \"tidb-controller-manager-7b6bdb846c\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-scheduler": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {}, + "f:volumes": { + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "803", + "self_link": null, + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:32+00:00", + "last_update_time": "2024-02-27T01:19:32+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:37+00:00", + "message": "ReplicaSet \"tidb-scheduler-77874455fc\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIZ5THVDJZXfowDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwMTEzMzJaFw0zNDAyMjQwMTE4MzJaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC1Y4Rwx+jwrwtDWJJOZ5NwOv+A8BinI3IHkXxnDLtH/gQzmHBGaJzQA78w\nLenHuRBNkouaCJ3LzEcivIhb40aYsM8uwu2eTQBEHBENK3OxkJ9QTr5fmYDLwBvb\nj7cvsRExy9fQV9ObFYJPDIw5u6DgiyXRbT2PFDuet6rwVFShRlrrIJ+iL5WtWvKK\n0Kn2qO9/iSSdDUcIIXP07pzVPYDrg+tlND4YrdIgl8LYqBiF1wDloi+Zl09vOGmt\nLbDY5mvkQxlSpUcIviLLNHbQ7KMLTzIZz2gvzWEPyQ20mWWiwDWdTB4H2w9Qiu42\n99G9Q8CglQtExnt56cSkqdJhJvwfAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQk8EwlGFM1CP/e8qI04IrQOALf1jAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQBXUKZmiMjl\nMbH5fAemGhfEC019prVPcP7ABB5cIq+V8bsPzGjhEv/+ZTeqwzYM8gU4Dq+vFErz\n2Mx55UmHkqo/yamqnKm19LvuSRmdE0Bhww4/WanACPJjvRJRh85IsI/cKiFPziIl\n0JbqWiV2o7HEDpLDA0Ya7fGSfQGmbgz3wo7+yU80eU9blO7J3fclTKfrDgvCERQO\nqqztfNuP/tOD42f2+El7F4O+yReF/aXA3BvQDNa2zT8PRs+dNFmQNwW12VVnFbuZ\nm0cbmXKnQs7Zm5gE9kqk0zjQRvd7UDLQC0YTBUBK7L18piQN0PdwySvsJkvMZkhn\nI5yzUmqVRIMn\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:22+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "99d40a37-6559-48b4-b71a-a3dd53006a1f" + } + }, + "test-cluster-pd-3731616": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[dashboard]\n internal-proxy = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start pd containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\n# the general form of variable PEER_SERVICE_NAME is: \"-pd-peer\"\ncluster_name=`echo ${PEER_SERVICE_NAME} | sed 's/-pd-peer//'`\ndomain=\"${POD_NAME}.${PEER_SERVICE_NAME}.${NAMESPACE}.svc\"\ndiscovery_url=\"${cluster_name}-discovery.${NAMESPACE}.svc:10261\"\nencoded_domain_url=`echo ${domain}:2380 | base64 | tr \"\\n\" \" \" | sed \"s/ //g\"`\nelapseTime=0\nperiod=1\nthreshold=30\nwhile true; do\nsleep ${period}\nelapseTime=$(( elapseTime+period ))\n\nif [[ ${elapseTime} -ge ${threshold} ]]\nthen\necho \"waiting for pd cluster ready timeout\" >&2\nexit 1\nfi\n\nif nslookup ${domain} 2>/dev/null\nthen\necho \"nslookup domain ${domain}.svc success\"\nbreak\nelse\necho \"nslookup domain ${domain} failed\" >&2\nfi\ndone\n\nARGS=\"--data-dir=/var/lib/pd \\\n--name=${POD_NAME} \\\n--peer-urls=http://0.0.0.0:2380 \\\n--advertise-peer-urls=http://${domain}:2380 \\\n--client-urls=http://0.0.0.0:2379 \\\n--advertise-client-urls=http://${domain}:2379 \\\n--config=/etc/pd/pd.toml \\\n\"\n\nif [[ -f /var/lib/pd/join ]]\nthen\n# The content of the join file is:\n# demo-pd-0=http://demo-pd-0.demo-pd-peer.demo.svc:2380,demo-pd-1=http://demo-pd-1.demo-pd-peer.demo.svc:2380\n# The --join args must be:\n# --join=http://demo-pd-0.demo-pd-peer.demo.svc:2380,http://demo-pd-1.demo-pd-peer.demo.svc:2380\njoin=`cat /var/lib/pd/join | tr \",\" \"\\n\" | awk -F'=' '{print $2}' | tr \"\\n\" \",\"`\njoin=${join%,}\nARGS=\"${ARGS} --join=${join}\"\nelif [[ ! -d /var/lib/pd/member/wal ]]\nthen\nuntil result=$(wget -qO- -T 3 http://${discovery_url}/new/${encoded_domain_url} 2>/dev/null); do\necho \"waiting for discovery service to return start args ...\"\nsleep $((RANDOM % 5))\ndone\nARGS=\"${ARGS}${result}\"\nfi\n\necho \"starting pd-server ...\"\nsleep $((RANDOM % 10))\necho \"/pd-server ${ARGS}\"\nexec /pd-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-3731616", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "878", + "self_link": null, + "uid": "e8f0acba-3029-41d3-97f4-d296393f3014" + } + }, + "test-cluster-tidb-6662316": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tidb containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--store=tikv \\\n--advertise-address=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc \\\n--host=0.0.0.0 \\\n--path=${CLUSTER_NAME}-pd:2379 \\\n--config=/etc/tidb/tidb.toml\n\"\n\nif [[ X${BINLOG_ENABLED:-} == Xtrue ]]\nthen\n ARGS=\"${ARGS} --enable-binlog=true\"\nfi\n\nSLOW_LOG_FILE=${SLOW_LOG_FILE:-\"\"}\nif [[ ! -z \"${SLOW_LOG_FILE}\" ]]\nthen\n ARGS=\"${ARGS} --log-slow-query=${SLOW_LOG_FILE:-}\"\nfi\n\necho \"start tidb-server ...\"\necho \"/tidb-server ${ARGS}\"\nexec /tidb-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-6662316", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1334", + "self_link": null, + "uid": "5d469b64-8189-40ac-ac5d-66c114e75604" + } + }, + "test-cluster-tikv-3831336": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "log-level = \"info\"\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tikv containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n\techo \"entering debug mode.\"\n\ttail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--pd=http://${CLUSTER_NAME}-pd:2379 \\\n--advertise-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20160 \\\n--addr=0.0.0.0:20160 \\\n--status-addr=0.0.0.0:20180 \\\n--advertise-status-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20180 \\\n--data-dir=/var/lib/tikv \\\n--capacity=${CAPACITY} \\\n--config=/etc/tikv/tikv.toml\n\"\n\nif [ ! -z \"${STORE_LABELS:-}\" ]; then\n LABELS=\" --labels ${STORE_LABELS} \"\n ARGS=\"${ARGS}${LABELS}\"\nfi\n\necho \"starting tikv-server ...\"\necho \"/tikv-server ${ARGS}\"\nexec /tikv-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-3831336", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1084", + "self_link": null, + "uid": "b38eb8e1-5d60-4588-bc0e-63f9fcd141ed" + } + }, + "tidb-scheduler-config": { + "api_version": null, + "binary_data": null, + "data": { + "scheduler-config.yaml": "\napiVersion: kubescheduler.config.k8s.io/v1beta1\nkind: KubeSchedulerConfiguration\nleaderElection:\n leaderElect: true\n resourceNamespace: acto-namespace\n resourceName: tidb-scheduler\nhealthzBindAddress: 0.0.0.0:10261\nmetricsBindAddress: 0.0.0.0:10261\nprofiles:\n - schedulerName: tidb-scheduler\nextenders:\n - urlPrefix: http://127.0.0.1:10262/scheduler\n filterVerb: filter\n preemptVerb: preempt\n weight: 1\n enableHTTPS: false\n httpTimeout: 30s" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:scheduler-config.yaml": {} + }, + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-config", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "670", + "self_link": null, + "uid": "6638d1a4-a2e6-4b27-9cac-00d69352ad49" + } + } + }, + "service": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"discovery\",\"protocol\":\"TCP\",\"port\":10261,\"targetPort\":10261},{\"name\":\"proxy\",\"protocol\":\"TCP\",\"port\":10262,\"targetPort\":10262}],\"selector\":{\"app.kubernetes.io/component\":\"discovery\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "928", + "self_link": null, + "uid": "dacb197f-8ce0-4941-90a3-0afbc90920be" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.113.100", + "cluster_i_ps": [ + "10.96.113.100" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "node_port": null, + "port": 10261, + "protocol": "TCP", + "target_port": 10261 + }, + { + "app_protocol": null, + "name": "proxy", + "node_port": null, + "port": 10262, + "protocol": "TCP", + "target_port": 10262 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"client\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "866", + "self_link": null, + "uid": "bfca2001-d6f7-43f8-a2a7-49cd50d33a5c" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.11.162", + "cluster_i_ps": [ + "10.96.11.162" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"tcp-peer-2380\",\"protocol\":\"TCP\",\"port\":2380,\"targetPort\":2380},{\"name\":\"tcp-peer-2379\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "873", + "self_link": null, + "uid": "4be4a2f6-d8ec-4083-8b16-079122485476" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2380", + "node_port": null, + "port": 2380, + "protocol": "TCP", + "target_port": 2380 + }, + { + "app_protocol": null, + "name": "tcp-peer-2379", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"mysql-client\",\"protocol\":\"TCP\",\"port\":4000,\"targetPort\":4000,\"nodePort\":31115},{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080,\"nodePort\":32125}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"NodePort\",\"externalTrafficPolicy\":\"Local\"}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:externalTrafficPolicy": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1420", + "self_link": null, + "uid": "cfb9a88d-a203-4da8-9845-679a2d34ddae" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.9.145", + "cluster_i_ps": [ + "10.96.9.145" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": "Local", + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "mysql-client", + "node_port": 31115, + "port": 4000, + "protocol": "TCP", + "target_port": 4000 + }, + { + "app_protocol": null, + "name": "status", + "node_port": 32125, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "NodePort" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1324", + "self_link": null, + "uid": "abae9ada-e2f2-4dd5-b77d-f56c4bd4422f" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "node_port": null, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"peer\",\"protocol\":\"TCP\",\"port\":20160,\"targetPort\":20160}],\"selector\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1083", + "self_link": null, + "uid": "c2fcd9d2-d1cf-48b4-9d62-c8c5d2555f3b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "node_port": null, + "port": 20160, + "protocol": "TCP", + "target_port": 20160 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "pd-test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1415", + "self_link": null, + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1342", + "self_link": null, + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1361", + "self_link": null, + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1390", + "self_link": null, + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1404", + "self_link": null, + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-36ffe414-4968-4c09-977a-799a62b46134" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:01Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "531c0eca-2805-49f4-b843-7390f011d559" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "port": 10261, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "proxy", + "port": 10262, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:26Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "6458dd97-d77d-44d1-9d13-4e1bff4b941d" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "port": 2379, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:05Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1034", + "self_link": null, + "uid": "0c1a4e11-f222-4597-8c09-480fa11c8847" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-pd-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": "test-cluster-pd-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": "test-cluster-pd-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2379", + "port": 2379, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-peer-2380", + "port": 2380, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:21:12Z" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1481", + "self_link": null, + "uid": "92b151e9-478a-40fd-8af2-02348b397057" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": null, + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + }, + { + "hostname": null, + "ip": "10.244.3.8", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mysql-client", + "port": 4000, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1398", + "self_link": null, + "uid": "709cfbb2-a95b-4f52-8847-e56b0adbf616" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tidb-0", + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": "test-cluster-tidb-1", + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + }, + { + "hostname": "test-cluster-tidb-2", + "ip": "10.244.3.8", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "77704408-f6a8-425e-a89c-3877fadbf8b6" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:27Z" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1255", + "self_link": null, + "uid": "51825553-b652-45c7-b9ed-a12f85fb7489" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tikv-1", + "ip": "10.244.1.6", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + } + }, + { + "hostname": "test-cluster-tikv-0", + "ip": "10.244.2.7", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + } + }, + { + "hostname": "test-cluster-tikv-2", + "ip": "10.244.3.7", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "port": 20160, + "protocol": "TCP" + } + ] + } + ] + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"tidb-controller-manager-7b6bdb846c-75s8q\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-27T01:19:52Z\",\"renewTime\":\"2024-02-27T01:21:51Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:51+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1577", + "self_link": null, + "uid": "f34e8ea1-3cf4-4632-8f1c-639acd494b56" + }, + "subsets": null + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "629", + "self_link": null, + "uid": "b35afad6-609f-438c-b513-54693f9f507b" + }, + "secrets": null + }, + "test-cluster-discovery": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "849", + "self_link": null, + "uid": "0fd11616-b3a2-4bd2-adaa-fcfa072bd781" + }, + "secrets": null + }, + "tidb-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "668", + "self_link": null, + "uid": "64ae3b2d-b193-4773-9789-6a843c16a808" + }, + "secrets": null + }, + "tidb-scheduler": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "669", + "self_link": null, + "uid": "9c95f44c-e826-4847-a2ca-cb7af4ea3f60" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:rules": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "848", + "self_link": null, + "uid": "0239b8e9-c3cf-4178-b83b-897dcc08e31e" + }, + "rules": [ + { + "api_groups": [ + "pingcap.com" + ], + "non_resource_ur_ls": null, + "resource_names": [ + "test-cluster" + ], + "resources": [ + "tidbclusters" + ], + "verbs": [ + "get" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "secrets" + ], + "verbs": [ + "get", + "list", + "watch" + ] + } + ] + } + }, + "role_binding": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "852", + "self_link": null, + "uid": "80f61952-9b43-4d3d-8085-809784c1c77f" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "test-cluster-discovery" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "test-cluster-discovery", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "configUpdateStrategy": "RollingUpdate", + "discovery": {}, + "enableDynamicConfiguration": true, + "enablePVReclaim": false, + "helper": { + "image": "busybox:1.34.1" + }, + "imagePullPolicy": "IfNotPresent", + "pd": { + "baseImage": "pingcap/pd", + "config": "[dashboard]\n internal-proxy = true\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "10Gi" + } + }, + "pvReclaimPolicy": "Retain", + "tidb": { + "baseImage": "pingcap/tidb", + "config": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "maxFailoverCount": 0, + "replicas": 3, + "service": { + "externalTrafficPolicy": "Local", + "type": "NodePort" + } + }, + "tikv": { + "baseImage": "pingcap/tikv", + "config": "log-level = \"info\"\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "100Gi" + }, + "separateRaftLog": true + }, + "timezone": "UTC", + "tlsCluster": {}, + "version": "v5.4.0" + }, + "custom_resource_status": { + "clusterID": "7340085439264123903", + "conditions": [ + { + "lastTransitionTime": "2024-02-27T01:20:58Z", + "lastUpdateTime": "2024-02-27T01:20:58Z", + "message": "TiDB cluster is fully up and running", + "reason": "Ready", + "status": "True", + "type": "Ready" + } + ], + "pd": { + "image": "pingcap/pd:v5.4.0", + "leader": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + }, + "members": { + "test-cluster-pd-0": { + "clientURL": "http://test-cluster-pd-0.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "1141335897322686879", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "name": "test-cluster-pd-0" + }, + "test-cluster-pd-1": { + "clientURL": "http://test-cluster-pd-1.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "13142663148032253862", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-1" + }, + "test-cluster-pd-2": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-pd-859db88ddf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-pd-859db88ddf", + "updatedReplicas": 3 + }, + "synced": true + }, + "pump": {}, + "ticdc": {}, + "tidb": { + "image": "pingcap/tidb:v5.4.0", + "members": { + "test-cluster-tidb-0": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-0", + "node": "acto-0-cluster-0-worker" + }, + "test-cluster-tidb-1": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-1", + "node": "acto-0-cluster-0-worker2" + }, + "test-cluster-tidb-2": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-2", + "node": "acto-0-cluster-0-worker3" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tidb-788bdc6cfc", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tidb-788bdc6cfc", + "updatedReplicas": 3 + } + }, + "tiflash": {}, + "tikv": { + "bootStrapped": true, + "image": "pingcap/tikv:v5.4.0", + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tikv-797dfd54bf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tikv-797dfd54bf", + "updatedReplicas": 3 + }, + "stores": { + "1": { + "id": "1", + "ip": "test-cluster-tikv-1.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 16, + "podName": "test-cluster-tikv-1", + "state": "Up" + }, + "4": { + "id": "4", + "ip": "test-cluster-tikv-2.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 7, + "podName": "test-cluster-tikv-2", + "state": "Up" + }, + "5": { + "id": "5", + "ip": "test-cluster-tikv-0.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 6, + "podName": "test-cluster-tikv-0", + "state": "Up" + } + }, + "synced": true + } + } +} diff --git a/docs/alarm_examples/misoperation/system-state-001.json b/docs/alarm_examples/misoperation/system-state-001.json new file mode 100644 index 0000000000..a9def7eea5 --- /dev/null +++ b/docs/alarm_examples/misoperation/system-state-001.json @@ -0,0 +1,15747 @@ +{ + "pod": { + "test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1412", + "self_link": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-jwwwg", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-jwwwg", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://27a3d82f16f69a11bf9dde6813844be50e843e3d53d63a441944e1f441d505f1", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": { + "container_id": "containerd://20f57c8c5b28a8a4e754d8f7119707034f67a46a84eaf63987e9d2de84921b4a", + "exit_code": 1, + "finished_at": "2024-02-27T01:20:24+00:00", + "message": null, + "reason": "Error", + "signal": null, + "started_at": "2024-02-27T01:20:04+00:00" + }, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 1, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:04+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1340", + "self_link": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bclcz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bclcz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:04+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://0a7d143f5be0063988eb0aef7c4aa201ac0ecd29e34a77c5d3e3e0c4d420b13f", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-pd-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-pd-859db88ddf", + "statefulset.kubernetes.io/pod-name": "test-cluster-pd-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"88522170-1faf-4a03-8d4e-f4f6a40c72a7\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-pd", + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + } + ], + "resource_version": "1354", + "self_link": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-656c8", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-pd-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-pd-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "pd", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "pd-test-cluster-pd-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-656c8", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:05+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:03+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://4cfe567e533bd251147cb392cc365315c020abcd2441c32cdfffc0a08ad62b43", + "image": "docker.io/pingcap/pd:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:e69d83ac856c43909b810402d2fcbeb543ca3580d5be3ecfc008c3f522d89285", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "pd", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:04+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:03+00:00" + } + }, + "test-cluster-tidb-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1476", + "self_link": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bn9wq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bn9wq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2ad24452cf6402683212a2d6d2849bc1145c5e44bddeb8e4baa6302f36f3a8c7", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f444e63c46317f049b2930f01b3386f18d2cbd204fef61c0c0959c564a310e03", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.7", + "pod_i_ps": [ + { + "ip": "10.244.1.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tidb-788bdc6cfc", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:type": {} + } + }, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.8\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + }, + "k:{\"type\":\"Ready\"}": { + "f:lastTransitionTime": {}, + "f:status": {} + } + }, + "f:containerStatuses": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:21:12+00:00" + } + ], + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1471", + "self_link": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-rw5pc", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-rw5pc", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:21:12+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6fc7c7c9dcb235ad59187d63b85140c79966544c06ac3cb4aad3ed5bf5a5df6b", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "slowlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://f092dd22c8f76105fb6b06a6ecd05efa4e205b3362e4e6c8d9723658411a9931", + "image": "docker.io/pingcap/tidb:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:a79108254173688e4d6f8502e165ed9ef323e4af82c390a2afa40c6dfa4aa712", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:53+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.8", + "pod_i_ps": [ + { + "ip": "10.244.2.8" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:52+00:00" + } + }, + "test-cluster-tidb-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:22:26+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tidb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tidb-64f7fcc656", + "statefulset.kubernetes.io/pod-name": "test-cluster-tidb-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"275a96f1-4db6-4070-a665-2df5d784b843\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:nodeAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"PodScheduled\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tidb", + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + } + ], + "resource_version": "1728", + "self_link": null, + "uid": "2e5d49fd-c5d9-4a8f-b18f-3a0d431c120c" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": { + "node_selector_terms": [ + { + "match_expressions": [ + { + "key": "kubernetes.io/hostname", + "operator": "In", + "values": [ + "NONE" + ] + } + ], + "match_fields": null + } + ] + } + }, + "pod_affinity": null, + "pod_anti_affinity": null + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-mplv7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-mplv7", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tidb-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tidb-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-mplv7", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:22:26+00:00", + "message": "0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) didn't match Pod's node affinity/selector. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..", + "reason": "Unschedulable", + "status": "False", + "type": "PodScheduled" + } + ], + "container_statuses": null, + "ephemeral_container_statuses": null, + "host_ip": null, + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Pending", + "pod_ip": null, + "pod_i_ps": null, + "qos_class": "BestEffort", + "reason": null, + "start_time": null + } + }, + "test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "0", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1384", + "self_link": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5khkx", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-0", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5khkx", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:27+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://df4daa47dd320abba4bc8728d6330bef46c1bf0636c96a7d259c383acfbdc5e1", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://c7aed758922ca184352acd913f730d982841dedd2461ef6574289f6d6f11c22b", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:27+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.7", + "pod_i_ps": [ + { + "ip": "10.244.2.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:26+00:00" + } + }, + "test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "1", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.6\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1402", + "self_link": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5s7tz", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-1", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5s7tz", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2a903ff218205ca1847d4a658fd553f9f83105cae8e452a0ab49a45a9cb519aa", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://e1f2bab2135a4fc029b9b2e4b8bb1277707a8d62f0459081cbf008887a9f1ae1", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.6", + "pod_i_ps": [ + { + "ip": "10.244.1.6" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + }, + "test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-tikv-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "apps.kubernetes.io/pod-index": "2", + "controller-revision-hash": "test-cluster-tikv-797dfd54bf", + "statefulset.kubernetes.io/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:apps.kubernetes.io/pod-index": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"0ef3c69e-a6cc-4a35-915f-a63fca1b67f8\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.7\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "test-cluster-tikv", + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + } + ], + "resource_version": "1406", + "self_link": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-b2gzd", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "test-cluster-tikv-2", + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "test-cluster-tikv-peer", + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "tikv", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "tikv-test-cluster-tikv-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-b2gzd", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:26+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:25+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://2be24527e2ca73029ada8ae9cba4260d770721b6b115118d852522a43906260e", + "image": "docker.io/library/busybox:1.34.1", + "image_id": "docker.io/library/import-2024-02-27@sha256:c4d04d75f4fed737c946055f12e8eae66b6272e59afc5c9ed865428d7c215dad", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "raftlog", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:25+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://56d376cf937d44d43a9352cdab2a3c102609b651357f357c5062676a99d63dcd", + "image": "docker.io/pingcap/tikv:v5.4.0", + "image_id": "docker.io/library/import-2024-02-27@sha256:6a5cc1deaa123c842cd3537ed4e322ce7e9ab42b8f45ee1d59dd0a7520ca6acc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tikv", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:26+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.7", + "pod_i_ps": [ + { + "ip": "10.244.3.7" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:20:25+00:00" + } + } + }, + "deployment_pods": { + "test-cluster-discovery": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "test-cluster-discovery-689d8466cb-", + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "pod-template-hash": "689d8466cb", + "tidb.pingcap.com/cluster-id": "7340085439264123903" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"a6ae946c-e641-488e-8d11-8f8a0e04bed1\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "test-cluster-discovery-689d8466cb", + "uid": "a6ae946c-e641-488e-8d11-8f8a0e04bed1" + } + ], + "resource_version": "1411", + "self_link": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-kvn5p", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-kvn5p", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:20:01+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://28e3a899abba97d805ee331d8c6d6c446d517b15a8803a799a37537f194899b1", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "discovery", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:20:00+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.3", + "pod_i_ps": [ + { + "ip": "10.244.2.3" + } + ], + "qos_class": "BestEffort", + "reason": null, + "start_time": "2024-02-27T01:19:59+00:00" + } + } + ], + "tidb-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-controller-manager-7b6bdb846c-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "7b6bdb846c" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"bb205349-db16-4be3-a580-837c95106a43\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:resources": { + ".": {}, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.2\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager-7b6bdb846c-75s8q", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-controller-manager-7b6bdb846c", + "uid": "bb205349-db16-4be3-a580-837c95106a43" + } + ], + "resource_version": "772", + "self_link": null, + "uid": "b93e5400-95b9-4849-81cd-5e05969d0494" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-cwpt2", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-cwpt2", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:35+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://caea90884ede486bbd27d844516f0cc0e2902939d2af7a26eb8e979f7a95f801", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-operator", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.2", + "pod_i_ps": [ + { + "ip": "10.244.1.2" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ], + "tidb-scheduler": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "tidb-scheduler-77874455fc-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator", + "pod-template-hash": "77874455fc" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"c9b2667a-583a-46ba-9e81-967fa44bd897\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "kubelet", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler-77874455fc-dxfhz", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "tidb-scheduler-77874455fc", + "uid": "c9b2667a-583a-46ba-9e81-967fa44bd897" + } + ], + "resource_version": "792", + "self_link": null, + "uid": "b5ef8809-da58-498b-8b27-4d7f2c32a074" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-8nw56", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-8nw56", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:37+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-27T01:19:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://f2223ddc3676158fe84acccc0915ced286e7cbdff99b443ff4b154774a88a874", + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_id": "k8s.gcr.io/kube-scheduler@sha256:9748f115f11151a0e5ffda770f696bef46371b819a84b95e77bbfc7843b64404", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "kube-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:36+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d8f8fb1a875d8c68c580f21b9aab9d182a3f31657b2bb3ef878c85ac42128d55", + "image": "docker.io/pingcap/tidb-operator:v1.3.2", + "image_id": "docker.io/library/import-2024-02-27@sha256:c76b0aaafb25be29b2618f334a63ffbc5be84d1ddc1660eb0c9e1aa43854b9bc", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "tidb-scheduler", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-27T01:19:34+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-27T01:19:34+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"2379\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"config-file\",\"path\":\"pd.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-pd-3731616\",\"items\":[{\"key\":\"startup-script\",\"path\":\"pd_start_script.sh\"}]}}],\"containers\":[{\"name\":\"pd\",\"image\":\"pingcap/pd:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/pd_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":2380,\"protocol\":\"TCP\"},{\"name\":\"client\",\"containerPort\":2379,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"PEER_SERVICE_NAME\",\"value\":\"test-cluster-pd-peer\"},{\"name\":\"SERVICE_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"SET_NAME\",\"value\":\"test-cluster-pd\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/pd\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"pd\",\"mountPath\":\"/var/lib/pd\"}],\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"pd\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"10Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-pd-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"pd\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PEER_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"SET_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/pd\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1238", + "self_link": null, + "uid": "88522170-1faf-4a03-8d4e-f4f6a40c72a7" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-pd-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "2379", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/pd_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "PEER_SERVICE_NAME", + "value": "test-cluster-pd-peer", + "value_from": null + }, + { + "name": "SERVICE_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "SET_NAME", + "value": "test-cluster-pd", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/pd:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "pd", + "ports": [ + { + "container_port": 2380, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 2379, + "host_ip": null, + "host_port": null, + "name": "client", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/pd", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/pd", + "mount_propagation": null, + "name": "pd", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "pd.toml" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "pd_start_script.sh" + } + ], + "name": "test-cluster-pd-3731616", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "pd", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-pd-859db88ddf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-pd-859db88ddf", + "updated_replicas": 3 + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"10080\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"config-file\",\"path\":\"tidb.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tidb-6662316\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tidb_start_script.sh\"}]}},{\"name\":\"slowlog\",\"emptyDir\":{}}],\"containers\":[{\"name\":\"slowlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tidb\",\"image\":\"pingcap/tidb:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tidb_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":4000,\"protocol\":\"TCP\"},{\"name\":\"status\",\"containerPort\":10080,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"BINLOG_ENABLED\",\"value\":\"false\"},{\"name\":\"SLOW_LOG_FILE\",\"value\":\"/var/log/tidb/slowlog\"},{\"name\":\"POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}},{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tidb-peer\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tidb\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"},{\"name\":\"slowlog\",\"mountPath\":\"/var/log/tidb\"}],\"readinessProbe\":{\"tcpSocket\":{\"port\":4000},\"initialDelaySeconds\":10},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"affinity\":{\"nodeAffinity\":{\"requiredDuringSchedulingIgnoredDuringExecution\":{\"nodeSelectorTerms\":[{\"matchExpressions\":[{\"key\":\"kubernetes.io/hostname\",\"operator\":\"In\",\"values\":[\"NONE\"]}]}]}}}}},\"serviceName\":\"test-cluster-tidb-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":2}},\"revisionHistoryLimit\":10}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 3, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:updateRevision": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:nodeAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"BINLOG_ENABLED\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_NAME\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"SLOW_LOG_FILE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:tcpSocket": { + ".": {}, + "f:port": {} + }, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/log/tidb\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"slowlog\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:currentReplicas": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1729", + "self_link": null, + "uid": "275a96f1-4db6-4070-a665-2df5d784b843" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tidb-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "10080", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": { + "node_selector_terms": [ + { + "match_expressions": [ + { + "key": "kubernetes.io/hostname", + "operator": "In", + "values": [ + "NONE" + ] + } + ], + "match_fields": null + } + ] + } + }, + "pod_affinity": null, + "pod_anti_affinity": null + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/log/tidb/slowlog; tail -n0 -F /var/log/tidb/slowlog;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "slowlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tidb_start_script.sh" + ], + "env": [ + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "BINLOG_ENABLED", + "value": "false", + "value_from": null + }, + { + "name": "SLOW_LOG_FILE", + "value": "/var/log/tidb/slowlog", + "value_from": null + }, + { + "name": "POD_NAME", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.name" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tidb-peer", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb", + "ports": [ + { + "container_port": 4000, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + }, + { + "container_port": 10080, + "host_ip": null, + "host_port": null, + "name": "status", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 10, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 4000 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tidb", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/log/tidb", + "mount_propagation": null, + "name": "slowlog", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tidb.toml" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tidb_start_script.sh" + } + ], + "name": "test-cluster-tidb-6662316", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "slowlog", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 2 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": null + }, + "status": { + "available_replicas": 2, + "collision_count": 0, + "conditions": null, + "current_replicas": 2, + "current_revision": "test-cluster-tidb-788bdc6cfc", + "observed_generation": 3, + "ready_replicas": 2, + "replicas": 3, + "update_revision": "test-cluster-tidb-64f7fcc656", + "updated_replicas": 1 + } + }, + "test-cluster-tikv": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"replicas\":3,\"selector\":{\"matchLabels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"}},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"annotations\":{\"prometheus.io/path\":\"/metrics\",\"prometheus.io/port\":\"20180\",\"prometheus.io/scrape\":\"true\"}},\"spec\":{\"volumes\":[{\"name\":\"annotations\",\"downwardAPI\":{\"items\":[{\"path\":\"annotations\",\"fieldRef\":{\"fieldPath\":\"metadata.annotations\"}}]}},{\"name\":\"config\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"config-file\",\"path\":\"tikv.toml\"}]}},{\"name\":\"startup-script\",\"configMap\":{\"name\":\"test-cluster-tikv-3831336\",\"items\":[{\"key\":\"startup-script\",\"path\":\"tikv_start_script.sh\"}]}}],\"containers\":[{\"name\":\"raftlog\",\"image\":\"busybox:1.34.1\",\"command\":[\"sh\",\"-c\",\"touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;\"],\"resources\":{},\"volumeMounts\":[{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"}],\"imagePullPolicy\":\"IfNotPresent\"},{\"name\":\"tikv\",\"image\":\"pingcap/tikv:v5.4.0\",\"command\":[\"/bin/sh\",\"/usr/local/bin/tikv_start_script.sh\"],\"ports\":[{\"name\":\"server\",\"containerPort\":20160,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"CLUSTER_NAME\",\"value\":\"test-cluster\"},{\"name\":\"HEADLESS_SERVICE_NAME\",\"value\":\"test-cluster-tikv-peer\"},{\"name\":\"CAPACITY\",\"value\":\"0\"},{\"name\":\"TZ\",\"value\":\"UTC\"}],\"resources\":{},\"volumeMounts\":[{\"name\":\"annotations\",\"readOnly\":true,\"mountPath\":\"/etc/podinfo\"},{\"name\":\"tikv\",\"mountPath\":\"/var/lib/tikv\"},{\"name\":\"config\",\"readOnly\":true,\"mountPath\":\"/etc/tikv\"},{\"name\":\"startup-script\",\"readOnly\":true,\"mountPath\":\"/usr/local/bin\"}],\"imagePullPolicy\":\"IfNotPresent\",\"securityContext\":{\"privileged\":false}}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\"}},\"volumeClaimTemplates\":[{\"metadata\":{\"name\":\"tikv\",\"creationTimestamp\":null},\"spec\":{\"accessModes\":[\"ReadWriteOnce\"],\"resources\":{\"requests\":{\"storage\":\"100Gi\"}}},\"status\":{}}],\"serviceName\":\"test-cluster-tikv-peer\",\"podManagementPolicy\":\"Parallel\",\"updateStrategy\":{\"type\":\"RollingUpdate\",\"rollingUpdate\":{\"partition\":3}}}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:persistentVolumeClaimRetentionPolicy": { + ".": {}, + "f:whenDeleted": {}, + "f:whenScaled": {} + }, + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:prometheus.io/path": {}, + "f:prometheus.io/port": {}, + "f:prometheus.io/scrape": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"raftlog\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tikv\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CAPACITY\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"CLUSTER_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HEADLESS_SERVICE_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:securityContext": { + ".": {}, + "f:privileged": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/etc/podinfo\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/etc/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/usr/local/bin\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + }, + "k:{\"mountPath\":\"/var/lib/tikv\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"annotations\"}": { + ".": {}, + "f:downwardAPI": { + ".": {}, + "f:defaultMode": {}, + "f:items": {} + }, + "f:name": {} + }, + "k:{\"name\":\"config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + }, + "k:{\"name\":\"startup-script\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:items": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1257", + "self_link": null, + "uid": "0ef3c69e-a6cc-4a35-915f-a63fca1b67f8" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": { + "when_deleted": "Retain", + "when_scaled": "Retain" + }, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "service_name": "test-cluster-tikv-peer", + "template": { + "metadata": { + "annotations": { + "prometheus.io/path": "/metrics", + "prometheus.io/port": "20180", + "prometheus.io/scrape": "true" + }, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "sh", + "-c", + "touch /var/lib/tikv/raftdb.info; tail -n0 -F /var/lib/tikv/raftdb.info;" + ], + "env": null, + "env_from": null, + "image": "busybox:1.34.1", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "raftlog", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": [ + "/bin/sh", + "/usr/local/bin/tikv_start_script.sh" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "CLUSTER_NAME", + "value": "test-cluster", + "value_from": null + }, + { + "name": "HEADLESS_SERVICE_NAME", + "value": "test-cluster-tikv-peer", + "value_from": null + }, + { + "name": "CAPACITY", + "value": "0", + "value_from": null + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tikv:v5.4.0", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tikv", + "ports": [ + { + "container_port": 20160, + "host_ip": null, + "host_port": null, + "name": "server", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": { + "allow_privilege_escalation": null, + "capabilities": null, + "privileged": false, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/podinfo", + "mount_propagation": null, + "name": "annotations", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/tikv", + "mount_propagation": null, + "name": "tikv", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/tikv", + "mount_propagation": null, + "name": "config", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/usr/local/bin", + "mount_propagation": null, + "name": "startup-script", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": null, + "service_account_name": null, + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": { + "default_mode": 420, + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.annotations" + }, + "mode": null, + "path": "annotations", + "resource_field_ref": null + } + ] + }, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "annotations", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "config-file", + "mode": null, + "path": "tikv.toml" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": [ + { + "key": "startup-script", + "mode": null, + "path": "tikv_start_script.sh" + } + ], + "name": "test-cluster-tikv-3831336", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "startup-script", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 3 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "tikv", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": null, + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "test-cluster-tikv-797dfd54bf", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "test-cluster-tikv-797dfd54bf", + "updated_replicas": 3 + } + } + }, + "deployment": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "1", + "pingcap.com/last-applied-configuration": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}", + "pingcap.com/last-applied-podtemplate": "{\"containers\":[{\"name\":\"discovery\",\"image\":\"pingcap/tidb-operator:v1.3.2\",\"command\":[\"/usr/local/bin/tidb-discovery\"],\"ports\":[{\"name\":\"discovery\",\"containerPort\":10261,\"protocol\":\"TCP\"},{\"name\":\"proxy\",\"containerPort\":10262,\"protocol\":\"TCP\"}],\"env\":[{\"name\":\"MY_POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}},{\"name\":\"TZ\",\"value\":\"UTC\"},{\"name\":\"TC_NAME\",\"value\":\"test-cluster\"}],\"resources\":{},\"imagePullPolicy\":\"IfNotPresent\"}],\"restartPolicy\":\"Always\",\"dnsPolicy\":\"ClusterFirst\",\"serviceAccountName\":\"test-cluster-discovery\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {}, + "f:pingcap.com/last-applied-podtemplate": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:progressDeadlineSeconds": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:strategy": { + "f:type": {} + }, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"discovery\"}": { + ".": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"MY_POD_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TC_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {} + } + }, + "f:dnsPolicy": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": {}, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {} + } + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + "k:{\"type\":\"Available\"}": { + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {} + }, + "k:{\"type\":\"Progressing\"}": { + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {} + } + }, + "f:readyReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1026", + "self_link": null, + "uid": "8fd66bd1-82d7-4fd7-95b8-c25c509219de" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + } + }, + "strategy": { + "rolling_update": null, + "type": "Recreate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-discovery" + ], + "env": [ + { + "name": "MY_POD_NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + }, + { + "name": "TC_NAME", + "value": "test-cluster", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "discovery", + "ports": [ + { + "container_port": 10261, + "host_ip": null, + "host_port": null, + "name": "discovery", + "protocol": "TCP" + }, + { + "container_port": 10262, + "host_ip": null, + "host_port": null, + "name": "proxy", + "protocol": "TCP" + } + ], + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "test-cluster-discovery", + "service_account_name": "test-cluster-discovery", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:20:01+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:59+00:00", + "last_update_time": "2024-02-27T01:20:01+00:00", + "message": "ReplicaSet \"test-cluster-discovery-689d8466cb\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"tidb-operator\"}": { + ".": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + "f:fieldRef": {} + } + }, + "k:{\"name\":\"TZ\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:failureThreshold": {}, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:tcpSocket": { + "f:port": {} + } + }, + "f:name": {}, + "f:resources": { + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {} + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:35+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "782", + "self_link": null, + "uid": "9c9a1175-4094-401b-b70a-d6cf986e73ea" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-controller-manager", + "-tidb-backup-manager-image=pingcap/tidb-backup-manager:v1.3.2", + "-tidb-discovery-image=pingcap/tidb-operator:v1.3.2", + "-cluster-scoped=true", + "-cluster-permission-node=true", + "-cluster-permission-pv=true", + "-cluster-permission-sc=true", + "-auto-failover=true", + "-pd-failover-period=5m", + "-tikv-failover-period=5m", + "-tiflash-failover-period=5m", + "-tidb-failover-period=5m", + "-dm-master-failover-period=5m", + "-dm-worker-failover-period=5m", + "-v=2" + ], + "env": [ + { + "name": "NAMESPACE", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "TZ", + "value": "UTC", + "value_from": null + } + ], + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 10, + "grpc": null, + "http_get": null, + "initial_delay_seconds": 30, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": { + "host": null, + "port": 6060 + }, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "tidb-operator", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-controller-manager", + "service_account_name": "tidb-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": null + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:30+00:00", + "last_update_time": "2024-02-27T01:19:30+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:35+00:00", + "message": "ReplicaSet \"tidb-controller-manager-7b6bdb846c\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + }, + "tidb-scheduler": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"kube-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/etc/kubernetes\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"tidb-scheduler\"}": { + ".": {}, + "f:command": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + } + } + }, + "f:serviceAccount": {}, + "f:volumes": { + "k:{\"name\":\"scheduler-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:34+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-27T01:19:37+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "803", + "self_link": null, + "uid": "20ba2e7c-07eb-48ca-a4b7-a91c7be753f3" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/name": "tidb-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": [ + "/usr/local/bin/tidb-scheduler", + "-v=2", + "-port=10262" + ], + "env": null, + "env_from": null, + "image": "pingcap/tidb-operator:v1.3.2", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "tidb-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": null, + "working_dir": null + }, + { + "args": null, + "command": [ + "kube-scheduler", + "--v=2", + "--config=/etc/kubernetes/scheduler-config.yaml" + ], + "env": null, + "env_from": null, + "image": "k8s.gcr.io/kube-scheduler:v1.22.9", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "kube-scheduler", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "250m", + "memory": "150Mi" + }, + "requests": { + "cpu": "80m", + "memory": "50Mi" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/etc/kubernetes", + "mount_propagation": null, + "name": "scheduler-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "tidb-scheduler", + "service_account_name": "tidb-scheduler", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 30, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "tidb-scheduler-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "scheduler-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-27T01:19:32+00:00", + "last_update_time": "2024-02-27T01:19:32+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-27T01:19:29+00:00", + "last_update_time": "2024-02-27T01:19:37+00:00", + "message": "ReplicaSet \"tidb-scheduler-77874455fc\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIIZ5THVDJZXfowDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczAeFw0yNDAyMjcwMTEzMzJaFw0zNDAyMjQwMTE4MzJaMBUx\nEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC1Y4Rwx+jwrwtDWJJOZ5NwOv+A8BinI3IHkXxnDLtH/gQzmHBGaJzQA78w\nLenHuRBNkouaCJ3LzEcivIhb40aYsM8uwu2eTQBEHBENK3OxkJ9QTr5fmYDLwBvb\nj7cvsRExy9fQV9ObFYJPDIw5u6DgiyXRbT2PFDuet6rwVFShRlrrIJ+iL5WtWvKK\n0Kn2qO9/iSSdDUcIIXP07pzVPYDrg+tlND4YrdIgl8LYqBiF1wDloi+Zl09vOGmt\nLbDY5mvkQxlSpUcIviLLNHbQ7KMLTzIZz2gvzWEPyQ20mWWiwDWdTB4H2w9Qiu42\n99G9Q8CglQtExnt56cSkqdJhJvwfAgMBAAGjWTBXMA4GA1UdDwEB/wQEAwICpDAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQk8EwlGFM1CP/e8qI04IrQOALf1jAV\nBgNVHREEDjAMggprdWJlcm5ldGVzMA0GCSqGSIb3DQEBCwUAA4IBAQBXUKZmiMjl\nMbH5fAemGhfEC019prVPcP7ABB5cIq+V8bsPzGjhEv/+ZTeqwzYM8gU4Dq+vFErz\n2Mx55UmHkqo/yamqnKm19LvuSRmdE0Bhww4/WanACPJjvRJRh85IsI/cKiFPziIl\n0JbqWiV2o7HEDpLDA0Ya7fGSfQGmbgz3wo7+yU80eU9blO7J3fclTKfrDgvCERQO\nqqztfNuP/tOD42f2+El7F4O+yReF/aXA3BvQDNa2zT8PRs+dNFmQNwW12VVnFbuZ\nm0cbmXKnQs7Zm5gE9kqk0zjQRvd7UDLQC0YTBUBK7L18piQN0PdwySvsJkvMZkhn\nI5yzUmqVRIMn\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:22+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "628", + "self_link": null, + "uid": "99d40a37-6559-48b4-b71a-a3dd53006a1f" + } + }, + "test-cluster-pd-3731616": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[dashboard]\n internal-proxy = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start pd containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\n# the general form of variable PEER_SERVICE_NAME is: \"-pd-peer\"\ncluster_name=`echo ${PEER_SERVICE_NAME} | sed 's/-pd-peer//'`\ndomain=\"${POD_NAME}.${PEER_SERVICE_NAME}.${NAMESPACE}.svc\"\ndiscovery_url=\"${cluster_name}-discovery.${NAMESPACE}.svc:10261\"\nencoded_domain_url=`echo ${domain}:2380 | base64 | tr \"\\n\" \" \" | sed \"s/ //g\"`\nelapseTime=0\nperiod=1\nthreshold=30\nwhile true; do\nsleep ${period}\nelapseTime=$(( elapseTime+period ))\n\nif [[ ${elapseTime} -ge ${threshold} ]]\nthen\necho \"waiting for pd cluster ready timeout\" >&2\nexit 1\nfi\n\nif nslookup ${domain} 2>/dev/null\nthen\necho \"nslookup domain ${domain}.svc success\"\nbreak\nelse\necho \"nslookup domain ${domain} failed\" >&2\nfi\ndone\n\nARGS=\"--data-dir=/var/lib/pd \\\n--name=${POD_NAME} \\\n--peer-urls=http://0.0.0.0:2380 \\\n--advertise-peer-urls=http://${domain}:2380 \\\n--client-urls=http://0.0.0.0:2379 \\\n--advertise-client-urls=http://${domain}:2379 \\\n--config=/etc/pd/pd.toml \\\n\"\n\nif [[ -f /var/lib/pd/join ]]\nthen\n# The content of the join file is:\n# demo-pd-0=http://demo-pd-0.demo-pd-peer.demo.svc:2380,demo-pd-1=http://demo-pd-1.demo-pd-peer.demo.svc:2380\n# The --join args must be:\n# --join=http://demo-pd-0.demo-pd-peer.demo.svc:2380,http://demo-pd-1.demo-pd-peer.demo.svc:2380\njoin=`cat /var/lib/pd/join | tr \",\" \"\\n\" | awk -F'=' '{print $2}' | tr \"\\n\" \",\"`\njoin=${join%,}\nARGS=\"${ARGS} --join=${join}\"\nelif [[ ! -d /var/lib/pd/member/wal ]]\nthen\nuntil result=$(wget -qO- -T 3 http://${discovery_url}/new/${encoded_domain_url} 2>/dev/null); do\necho \"waiting for discovery service to return start args ...\"\nsleep $((RANDOM % 5))\ndone\nARGS=\"${ARGS}${result}\"\nfi\n\necho \"starting pd-server ...\"\nsleep $((RANDOM % 10))\necho \"/pd-server ${ARGS}\"\nexec /pd-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-3731616", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "878", + "self_link": null, + "uid": "e8f0acba-3029-41d3-97f4-d296393f3014" + } + }, + "test-cluster-tidb-6662316": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tidb containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n echo \"entering debug mode.\"\n tail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--store=tikv \\\n--advertise-address=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc \\\n--host=0.0.0.0 \\\n--path=${CLUSTER_NAME}-pd:2379 \\\n--config=/etc/tidb/tidb.toml\n\"\n\nif [[ X${BINLOG_ENABLED:-} == Xtrue ]]\nthen\n ARGS=\"${ARGS} --enable-binlog=true\"\nfi\n\nSLOW_LOG_FILE=${SLOW_LOG_FILE:-\"\"}\nif [[ ! -z \"${SLOW_LOG_FILE}\" ]]\nthen\n ARGS=\"${ARGS} --log-slow-query=${SLOW_LOG_FILE:-}\"\nfi\n\necho \"start tidb-server ...\"\necho \"/tidb-server ${ARGS}\"\nexec /tidb-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-6662316", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1334", + "self_link": null, + "uid": "5d469b64-8189-40ac-ac5d-66c114e75604" + } + }, + "test-cluster-tikv-3831336": { + "api_version": null, + "binary_data": null, + "data": { + "config-file": "log-level = \"info\"\n", + "startup-script": "#!/bin/sh\n\n# This script is used to start tikv containers in kubernetes cluster\n\n# Use DownwardAPIVolumeFiles to store informations of the cluster:\n# https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#the-downward-api\n#\n# runmode=\"normal/debug\"\n#\n\nset -uo pipefail\n\nANNOTATIONS=\"/etc/podinfo/annotations\"\n\nif [[ ! -f \"${ANNOTATIONS}\" ]]\nthen\n echo \"${ANNOTATIONS} does't exist, exiting.\"\n exit 1\nfi\nsource ${ANNOTATIONS} 2>/dev/null\n\nrunmode=${runmode:-normal}\nif [[ X${runmode} == Xdebug ]]\nthen\n\techo \"entering debug mode.\"\n\ttail -f /dev/null\nfi\n\n# Use HOSTNAME if POD_NAME is unset for backward compatibility.\nPOD_NAME=${POD_NAME:-$HOSTNAME}\nARGS=\"--pd=http://${CLUSTER_NAME}-pd:2379 \\\n--advertise-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20160 \\\n--addr=0.0.0.0:20160 \\\n--status-addr=0.0.0.0:20180 \\\n--advertise-status-addr=${POD_NAME}.${HEADLESS_SERVICE_NAME}.${NAMESPACE}.svc:20180 \\\n--data-dir=/var/lib/tikv \\\n--capacity=${CAPACITY} \\\n--config=/etc/tikv/tikv.toml\n\"\n\nif [ ! -z \"${STORE_LABELS:-}\" ]; then\n LABELS=\" --labels ${STORE_LABELS} \"\n ARGS=\"${ARGS}${LABELS}\"\nfi\n\necho \"starting tikv-server ...\"\necho \"/tikv-server ${ARGS}\"\nexec /tikv-server ${ARGS}\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:config-file": {}, + "f:startup-script": {} + }, + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-3831336", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1084", + "self_link": null, + "uid": "b38eb8e1-5d60-4588-bc0e-63f9fcd141ed" + } + }, + "tidb-scheduler-config": { + "api_version": null, + "binary_data": null, + "data": { + "scheduler-config.yaml": "\napiVersion: kubescheduler.config.k8s.io/v1beta1\nkind: KubeSchedulerConfiguration\nleaderElection:\n leaderElect: true\n resourceNamespace: acto-namespace\n resourceName: tidb-scheduler\nhealthzBindAddress: 0.0.0.0:10261\nmetricsBindAddress: 0.0.0.0:10261\nprofiles:\n - schedulerName: tidb-scheduler\nextenders:\n - urlPrefix: http://127.0.0.1:10262/scheduler\n filterVerb: filter\n preemptVerb: preempt\n weight: 1\n enableHTTPS: false\n httpTimeout: 30s" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:scheduler-config.yaml": {} + }, + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler-config", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "670", + "self_link": null, + "uid": "6638d1a4-a2e6-4b27-9cac-00d69352ad49" + } + } + }, + "service": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"discovery\",\"protocol\":\"TCP\",\"port\":10261,\"targetPort\":10261},{\"name\":\"proxy\",\"protocol\":\"TCP\",\"port\":10262,\"targetPort\":10262}],\"selector\":{\"app.kubernetes.io/component\":\"discovery\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10261,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10262,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:00+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "928", + "self_link": null, + "uid": "dacb197f-8ce0-4941-90a3-0afbc90920be" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.113.100", + "cluster_i_ps": [ + "10.96.113.100" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "node_port": null, + "port": 10261, + "protocol": "TCP", + "target_port": 10261 + }, + { + "app_protocol": null, + "name": "proxy", + "node_port": null, + "port": 10262, + "protocol": "TCP", + "target_port": 10262 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"client\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"ClusterIP\"}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "866", + "self_link": null, + "uid": "bfca2001-d6f7-43f8-a2a7-49cd50d33a5c" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.11.162", + "cluster_i_ps": [ + "10.96.11.162" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"tcp-peer-2380\",\"protocol\":\"TCP\",\"port\":2380,\"targetPort\":2380},{\"name\":\"tcp-peer-2379\",\"protocol\":\"TCP\",\"port\":2379,\"targetPort\":2379}],\"selector\":{\"app.kubernetes.io/component\":\"pd\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":2379,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":2380,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "873", + "self_link": null, + "uid": "4be4a2f6-d8ec-4083-8b16-079122485476" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2380", + "node_port": null, + "port": 2380, + "protocol": "TCP", + "target_port": 2380 + }, + { + "app_protocol": null, + "name": "tcp-peer-2379", + "node_port": null, + "port": 2379, + "protocol": "TCP", + "target_port": 2379 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"mysql-client\",\"protocol\":\"TCP\",\"port\":4000,\"targetPort\":4000,\"nodePort\":31115},{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080,\"nodePort\":32125}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"type\":\"NodePort\",\"externalTrafficPolicy\":\"Local\"}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:externalTrafficPolicy": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":4000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:56+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1420", + "self_link": null, + "uid": "cfb9a88d-a203-4da8-9845-679a2d34ddae" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.9.145", + "cluster_i_ps": [ + "10.96.9.145" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": "Local", + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "mysql-client", + "node_port": 31115, + "port": 4000, + "protocol": "TCP", + "target_port": 4000 + }, + { + "app_protocol": null, + "name": "status", + "node_port": 32125, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "NodePort" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"status\",\"protocol\":\"TCP\",\"port\":10080,\"targetPort\":10080}],\"selector\":{\"app.kubernetes.io/component\":\"tidb\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":10080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1324", + "self_link": null, + "uid": "abae9ada-e2f2-4dd5-b77d-f56c4bd4422f" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "node_port": null, + "port": 10080, + "protocol": "TCP", + "target_port": 10080 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pingcap.com/last-applied-configuration": "{\"ports\":[{\"name\":\"peer\",\"protocol\":\"TCP\",\"port\":20160,\"targetPort\":20160}],\"selector\":{\"app.kubernetes.io/component\":\"tikv\",\"app.kubernetes.io/instance\":\"test-cluster\",\"app.kubernetes.io/managed-by\":\"tidb-operator\",\"app.kubernetes.io/name\":\"tidb-cluster\"},\"clusterIP\":\"None\",\"publishNotReadyAddresses\":true}" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:pingcap.com/last-applied-configuration": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":20160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "1083", + "self_link": null, + "uid": "c2fcd9d2-d1cf-48b4-9d62-c8c5d2555f3b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "node_port": null, + "port": 20160, + "protocol": "TCP", + "target_port": 20160 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "pd-test-cluster-pd-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "1141335897322686879", + "tidb.pingcap.com/pod-name": "test-cluster-pd-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:02+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:55+00:00" + } + ], + "name": "pd-test-cluster-pd-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1415", + "self_link": null, + "uid": "6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-6e74bcf6-9557-43e9-975d-c258e0774be5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "13142663148032253862", + "tidb.pingcap.com/pod-name": "test-cluster-pd-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1342", + "self_link": null, + "uid": "4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4347573f-2369-4cd1-aa31-97a0edae4ab5" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "pd-test-cluster-pd-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/member-id": "5110389971597451409", + "tidb.pingcap.com/pod-name": "test-cluster-pd-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:03+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/member-id": {}, + "f:tidb.pingcap.com/pod-name": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:52+00:00" + } + ], + "name": "pd-test-cluster-pd-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1361", + "self_link": null, + "uid": "4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "10Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4ca5c277-cce5-49c9-8693-75ec1a7ef074" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "10Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-0", + "tidb.pingcap.com/store-id": "5" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:25+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:53+00:00" + } + ], + "name": "tikv-test-cluster-tikv-0", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1390", + "self_link": null, + "uid": "c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-c3881bdf-3987-4437-afed-2cce93ffbdf3" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-1", + "tidb.pingcap.com/store-id": "1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-1", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1404", + "self_link": null, + "uid": "36ffe414-4968-4c09-977a-799a62b46134" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-36ffe414-4968-4c09-977a-799a62b46134" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "tikv-test-cluster-tikv-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "tidb.pingcap.com/cluster-id": "7340085439264123903", + "tidb.pingcap.com/pod-name": "test-cluster-tikv-2", + "tidb.pingcap.com/store-id": "4" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:22+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:tidb.pingcap.com/pod-name": {} + }, + "f:labels": { + "f:tidb.pingcap.com/cluster-id": {}, + "f:tidb.pingcap.com/pod-name": {}, + "f:tidb.pingcap.com/store-id": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:54+00:00" + } + ], + "name": "tikv-test-cluster-tikv-2", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "100Gi" + } + }, + "selector": null, + "storage_class_name": "standard", + "volume_mode": "Filesystem", + "volume_name": "pvc-4c76d8f3-3a67-412e-875b-dae964805d9f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "100Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": {}, + "secret": {}, + "endpoints": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:01Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:01+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "531c0eca-2805-49f4-b843-7390f011d559" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.2.3", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-discovery-689d8466cb-rkhsw", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "7d5c38de-d388-4f79-a1eb-dbfcb1333562" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "discovery", + "port": 10261, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "proxy", + "port": 10262, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:26Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:26+00:00" + } + ], + "name": "test-cluster-pd", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "6458dd97-d77d-44d1-9d13-4e1bff4b941d" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "client", + "port": 2379, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-pd-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:05Z" + }, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "pd", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:05+00:00" + } + ], + "name": "test-cluster-pd-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1034", + "self_link": null, + "uid": "0c1a4e11-f222-4597-8c09-480fa11c8847" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-pd-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "801ba666-3b2f-49bf-aec4-e595107bc95d" + } + }, + { + "hostname": "test-cluster-pd-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fddcab1c-5c70-49b9-8a97-afe4d7dec60e" + } + }, + { + "hostname": "test-cluster-pd-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-pd-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "6c47980f-aa16-4023-b5b9-150257844cb0" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tcp-peer-2379", + "port": 2379, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "tcp-peer-2380", + "port": 2380, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "end-user" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:21:54+00:00" + } + ], + "name": "test-cluster-tidb", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1594", + "self_link": null, + "uid": "92b151e9-478a-40fd-8af2-02348b397057" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": null, + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mysql-client", + "port": 4000, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tidb-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:20:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tidb", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:22:26+00:00" + } + ], + "name": "test-cluster-tidb-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1698", + "self_link": null, + "uid": "709cfbb2-a95b-4f52-8847-e56b0adbf616" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tidb-0", + "ip": "10.244.1.7", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "33b4a064-47e7-4ea8-a6eb-4638ba7c5753" + } + }, + { + "hostname": "test-cluster-tidb-1", + "ip": "10.244.2.8", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tidb-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "b39da1e7-81ed-4250-9545-8ebd713753dc" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "status", + "port": 10080, + "protocol": "TCP" + } + ] + } + ] + }, + "test-cluster-tikv-peer": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-27T01:20:27Z" + }, + "creation_timestamp": "2024-02-27T01:20:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "tikv", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster", + "app.kubernetes.io/used-by": "peer", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/used-by": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:20:27+00:00" + } + ], + "name": "test-cluster-tikv-peer", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "1255", + "self_link": null, + "uid": "51825553-b652-45c7-b9ed-a12f85fb7489" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "test-cluster-tikv-1", + "ip": "10.244.1.6", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-1", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "fe7fca3f-2c5a-406e-856b-3b0bec9e4bfc" + } + }, + { + "hostname": "test-cluster-tikv-0", + "ip": "10.244.2.7", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-0", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "ebc480d7-eef9-48ca-8d1f-31c413ae8bab" + } + }, + { + "hostname": "test-cluster-tikv-2", + "ip": "10.244.3.7", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "test-cluster-tikv-2", + "namespace": "acto-namespace", + "resource_version": null, + "uid": "15df53c3-220b-48c9-82e6-5bde9ad0ef90" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "peer", + "port": 20160, + "protocol": "TCP" + } + ] + } + ] + }, + "tidb-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"tidb-controller-manager-7b6bdb846c-75s8q\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-27T01:19:52Z\",\"renewTime\":\"2024-02-27T01:29:52Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-27T01:19:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:29:52+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "2723", + "self_link": null, + "uid": "f34e8ea1-3cf4-4632-8f1c-639acd494b56" + }, + "subsets": null + } + }, + "service_account": { + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:22+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "629", + "self_link": null, + "uid": "b35afad6-609f-438c-b513-54693f9f507b" + }, + "secrets": null + }, + "test-cluster-discovery": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + } + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "849", + "self_link": null, + "uid": "0fd11616-b3a2-4bd2-adaa-fcfa072bd781" + }, + "secrets": null + }, + "tidb-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "controller-manager", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-controller-manager", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "668", + "self_link": null, + "uid": "64ae3b2d-b193-4773-9789-6a843c16a808" + }, + "secrets": null + }, + "tidb-scheduler": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:29+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "scheduler", + "app.kubernetes.io/instance": "acto-test-operator", + "app.kubernetes.io/managed-by": "Helm", + "app.kubernetes.io/name": "tidb-operator", + "helm.sh/chart": "tidb-operator-v1-canary" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:helm.sh/chart": {} + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-27T01:19:29+00:00" + } + ], + "name": "tidb-scheduler", + "namespace": "acto-namespace", + "owner_references": null, + "resource_version": "669", + "self_link": null, + "uid": "9c95f44c-e826-4847-a2ca-cb7af4ea3f60" + }, + "secrets": null + } + }, + "job": {}, + "role": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:rules": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "848", + "self_link": null, + "uid": "0239b8e9-c3cf-4178-b83b-897dcc08e31e" + }, + "rules": [ + { + "api_groups": [ + "pingcap.com" + ], + "non_resource_ur_ls": null, + "resource_names": [ + "test-cluster" + ], + "resources": [ + "tidbclusters" + ], + "verbs": [ + "get" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "secrets" + ], + "verbs": [ + "get", + "list", + "watch" + ] + } + ] + } + }, + "role_binding": { + "test-cluster-discovery": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-27T01:19:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/component": "discovery", + "app.kubernetes.io/instance": "test-cluster", + "app.kubernetes.io/managed-by": "tidb-operator", + "app.kubernetes.io/name": "tidb-cluster" + }, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/component": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"eff6561e-bf0d-471c-99a1-71f35603bc87\"}": {} + } + }, + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "tidb-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-27T01:19:59+00:00" + } + ], + "name": "test-cluster-discovery", + "namespace": "acto-namespace", + "owner_references": [ + { + "api_version": "pingcap.com/v1alpha1", + "block_owner_deletion": true, + "controller": true, + "kind": "TidbCluster", + "name": "test-cluster", + "uid": "eff6561e-bf0d-471c-99a1-71f35603bc87" + } + ], + "resource_version": "852", + "self_link": null, + "uid": "80f61952-9b43-4d3d-8085-809784c1c77f" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "test-cluster-discovery" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "test-cluster-discovery", + "namespace": null + } + ] + } + }, + "custom_resource_spec": { + "configUpdateStrategy": "RollingUpdate", + "discovery": {}, + "enableDynamicConfiguration": true, + "enablePVReclaim": false, + "helper": { + "image": "busybox:1.34.1" + }, + "imagePullPolicy": "IfNotPresent", + "pd": { + "baseImage": "pingcap/pd", + "config": "[dashboard]\n internal-proxy = true\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "10Gi" + } + }, + "pvReclaimPolicy": "Retain", + "tidb": { + "affinity": { + "nodeAffinity": { + "requiredDuringSchedulingIgnoredDuringExecution": { + "nodeSelectorTerms": [ + { + "matchExpressions": [ + { + "key": "kubernetes.io/hostname", + "operator": "In", + "values": [ + "NONE" + ] + } + ] + } + ] + } + } + }, + "baseImage": "pingcap/tidb", + "config": "[log]\n [log.file]\n max-backups = 3\n\n[performance]\n tcp-keep-alive = true\n", + "maxFailoverCount": 0, + "replicas": 3, + "service": { + "externalTrafficPolicy": "Local", + "type": "NodePort" + } + }, + "tikv": { + "baseImage": "pingcap/tikv", + "config": "log-level = \"info\"\n", + "maxFailoverCount": 0, + "mountClusterClientSecret": true, + "replicas": 3, + "requests": { + "storage": "100Gi" + }, + "separateRaftLog": true + }, + "timezone": "UTC", + "tlsCluster": {}, + "version": "v5.4.0" + }, + "custom_resource_status": { + "clusterID": "7340085439264123903", + "conditions": [ + { + "lastTransitionTime": "2024-02-27T01:21:54Z", + "lastUpdateTime": "2024-02-27T01:21:54Z", + "message": "Statefulset(s) are in progress", + "reason": "StatefulSetNotUpToDate", + "status": "False", + "type": "Ready" + } + ], + "pd": { + "image": "pingcap/pd:v5.4.0", + "leader": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + }, + "members": { + "test-cluster-pd-0": { + "clientURL": "http://test-cluster-pd-0.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "1141335897322686879", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "name": "test-cluster-pd-0" + }, + "test-cluster-pd-1": { + "clientURL": "http://test-cluster-pd-1.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "13142663148032253862", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-1" + }, + "test-cluster-pd-2": { + "clientURL": "http://test-cluster-pd-2.test-cluster-pd-peer.acto-namespace.svc:2379", + "health": true, + "id": "5110389971597451409", + "lastTransitionTime": "2024-02-27T01:20:22Z", + "name": "test-cluster-pd-2" + } + }, + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-pd-859db88ddf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-pd-859db88ddf", + "updatedReplicas": 3 + }, + "synced": true + }, + "pump": {}, + "ticdc": {}, + "tidb": { + "image": "pingcap/tidb:v5.4.0", + "members": { + "test-cluster-tidb-0": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-0", + "node": "acto-0-cluster-0-worker" + }, + "test-cluster-tidb-1": { + "health": true, + "lastTransitionTime": "2024-02-27T01:20:58Z", + "name": "test-cluster-tidb-1", + "node": "acto-0-cluster-0-worker2" + }, + "test-cluster-tidb-2": { + "health": false, + "lastTransitionTime": "2024-02-27T01:22:28Z", + "name": "test-cluster-tidb-2" + } + }, + "phase": "Upgrade", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 2, + "currentRevision": "test-cluster-tidb-788bdc6cfc", + "observedGeneration": 3, + "readyReplicas": 2, + "replicas": 3, + "updateRevision": "test-cluster-tidb-64f7fcc656", + "updatedReplicas": 1 + } + }, + "tiflash": {}, + "tikv": { + "bootStrapped": true, + "image": "pingcap/tikv:v5.4.0", + "phase": "Normal", + "statefulSet": { + "collisionCount": 0, + "currentReplicas": 3, + "currentRevision": "test-cluster-tikv-797dfd54bf", + "observedGeneration": 1, + "readyReplicas": 3, + "replicas": 3, + "updateRevision": "test-cluster-tikv-797dfd54bf", + "updatedReplicas": 3 + }, + "stores": { + "1": { + "id": "1", + "ip": "test-cluster-tikv-1.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 16, + "podName": "test-cluster-tikv-1", + "state": "Up" + }, + "4": { + "id": "4", + "ip": "test-cluster-tikv-2.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 7, + "podName": "test-cluster-tikv-2", + "state": "Up" + }, + "5": { + "id": "5", + "ip": "test-cluster-tikv-0.test-cluster-tikv-peer.acto-namespace.svc", + "lastTransitionTime": "2024-02-27T01:20:52Z", + "leaderCount": 6, + "podName": "test-cluster-tikv-0", + "state": "Up" + } + }, + "synced": true + } + } +} diff --git a/docs/alarm_examples/true_alarm/events--01.json b/docs/alarm_examples/true_alarm/events--01.json new file mode 100644 index 0000000000..2268a90785 --- /dev/null +++ b/docs/alarm_examples/true_alarm/events--01.json @@ -0,0 +1,6753 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1013", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fa12d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "b8dad311-fdd0-4191-9d22-407f76d95127" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1014", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fb73e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1016", + "self_link": null, + "uid": "8dfbd7f0-567d-401f-94ac-38fa4938f6c3" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1168", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f22396f65", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1170", + "self_link": null, + "uid": "e8671371-f71c-4106-afa0-d97fa580b917" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1169", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f223985ee", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1171", + "self_link": null, + "uid": "b2ee970c-9b43-4094-9ab2-3af5e3f158e0" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "970", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7d7f55d9cb-bmhtv to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096d8cd91c5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "978", + "self_link": null, + "uid": "2035ec1e-9bc3-4a85-aec9-6d6c86710bbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096f96dd470", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1009", + "self_link": null, + "uid": "853bdd4c-0e95-44ff-9703-575ea7517897" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096faeddc79", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1010", + "self_link": null, + "uid": "f2856902-e7c0-4ce3-983b-51cb0b84a506" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809705fa09e5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1011", + "self_link": null, + "uid": "1cebfee3-0e13-40c5-8fb5-022bfb09a861" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "Stopping container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809b8db02ac9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1132", + "self_link": null, + "uid": "c996222b-b180-43eb-8fbc-dc23b4d5c1fc" + }, + "reason": "Killing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:10+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": null, + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "error killing pod: failed to \"KillContainer\" for \"manager\" with KillContainerError: \"rpc error: code = NotFound desc = an error occurred when try to find container \\\"5049ea9c3b39c3c6b2d233d60ea6844ac7c639d74b059bb19b3184a81826054a\\\": not found\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:10+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:10+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809bd13088c2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1133", + "self_link": null, + "uid": "d056050b-2504-40ed-b685-29b5c5bda261" + }, + "reason": "FailedKillPod", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "968", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Created pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b78096d83edc14", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "976", + "self_link": null, + "uid": "357898ad-75c6-4582-bd5f-5ee4bbd508e2" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "1114", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Deleted pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b7809b8db4ebf2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "a260413d-6424-4677-b2e3-c33b4bcffc4c" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1060", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7f9b66678b-z6j64 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809937c3ec2e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1065", + "self_link": null, + "uid": "64d08747-8d0c-4a1a-b4f9-098865badd25" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b78099548fba25", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1071", + "self_link": null, + "uid": "581e9943-0d55-45f3-9dd2-c3e0c9c43133" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809955c82176", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1072", + "self_link": null, + "uid": "ce832a39-64ed-474e-bf45-858b7ced15db" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b780995fef39a1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1073", + "self_link": null, + "uid": "dcaadf9d-28c2-48e4-bd8f-316f2444be9e" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "namespace": "cass-operator", + "resource_version": "1058", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created pod: cass-operator-controller-manager-7f9b66678b-z6j64", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b.17b7809937a72248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1063", + "self_link": null, + "uid": "499b9514-27e7-4ab6-8952-90d850823ec4" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "966", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7d7f55d9cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78096d75838b9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "969", + "self_link": null, + "uid": "4c66bc33-d876-44f8-93a8-52aa010af91f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1057", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7f9b66678b to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78099375f2223", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1059", + "self_link": null, + "uid": "f6b0b036-5f1e-4b70-9914-253f13899266" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1069", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Scaled down replica set cass-operator-controller-manager-7d7f55d9cb to 0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager.17b7809b8d519b99", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1115", + "self_link": null, + "uid": "835ae817-dc2c-42f4-a5c9-dc0786df9a77" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "994", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate request has been approved by cert-manager.io", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27725b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "997", + "self_link": null, + "uid": "7aa06295-d8f8-445c-84f8-eff388ecea35" + }, + "reason": "cert-manager.io", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate will be issued with an empty Issuer DN, which contravenes RFC 5280 and could break some strict clients", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27b315f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "998", + "self_link": null, + "uid": "cceab21c-4bef-43e3-8997-18e1daa29426" + }, + "reason": "BadConfig", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate fetched from issuer successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e28f0e34", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "b78eef05-a23f-45d9-a13a-691a31de1b7f" + }, + "reason": "CertificateIssued", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "984", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Issuing certificate as Secret does not exist", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096dc45aa9b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "828b4ca4-8651-43cb-9fbc-51285caf3ee5" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "988", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Stored new private key in temporary Secret resource \"cass-operator-serving-cert-jcd45\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e16effc6", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "992", + "self_link": null, + "uid": "2df0ab27-2dd8-4608-8264-b14c734258d3" + }, + "reason": "Generated", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created new CertificateRequest resource \"cass-operator-serving-cert-xshw4\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e1f36629", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "b4d96ad9-1103-43c3-ad7c-8b1e9fdb9e6c" + }, + "reason": "Requested", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "The certificate has been successfully issued", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e34dbc53", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1004", + "self_link": null, + "uid": "f8ec773f-14dd-4e41-9478-b61eb19ce215" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "resource_version": "1388", + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-all-pods-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-all-pods-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service.17b780a52bc73612", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1408", + "self_link": null, + "uid": "ea53a2e3-6487-4544-84a9-5e9091ec7ccb" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1213", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a121a80034", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1296", + "self_link": null, + "uid": "9b7e58ba-a058-4cb9-b124-f38d07c2690f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:40+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a12cd1bcf0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1347", + "self_link": null, + "uid": "c85f315b-a93e-4bec-aa43-797d36dafd6e" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e0bb895a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1384", + "self_link": null, + "uid": "0d1e118c-22f4-474d-a500-d8da48f476f1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e2652bf5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1385", + "self_link": null, + "uid": "7c4c400b-ddfe-4686-abd8-1db9796c62bc" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e920f019", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1386", + "self_link": null, + "uid": "717ae1ae-6871-44da-acbf-5a1d565bd231" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a59fea383e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1418", + "self_link": null, + "uid": "81cb153b-606c-4c1a-afe7-3c6ff655c2da" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a0ee7f1b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1420", + "self_link": null, + "uid": "f55a979c-686b-4171-bc40-7601d902f616" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a87f086e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1421", + "self_link": null, + "uid": "e0db1819-cee3-42ef-aa5f-4fd73f7e1873" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a882cfa3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1422", + "self_link": null, + "uid": "cc7a38cf-9598-4e44-b167-124a07ad13d0" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5aaf45d55", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1423", + "self_link": null, + "uid": "57a5a3ce-70e7-4582-9783-f0bf45359f8b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5bd908110", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1428", + "self_link": null, + "uid": "6d881074-eac8-4bd5-b1f3-d39d8df00fc1" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:13+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:13+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:13+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:13+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780aa72320a75", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1519", + "self_link": null, + "uid": "1b4078ca-949a-49f8-a598-93961ca1abc2" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1220", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a15d79f179", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1313", + "self_link": null, + "uid": "58ff2be0-d2d6-4ae1-ac1c-b03983bcbd76" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a1694de523", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1351", + "self_link": null, + "uid": "b0568206-c861-4e7f-a870-dbcec5488e75" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51bc1c2fa", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1392", + "self_link": null, + "uid": "6732c1f4-acb5-446a-a43a-786f37868b63" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51d3a910d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1394", + "self_link": null, + "uid": "a869481c-4ff1-4b18-9740-314adf3e1fd0" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a52402b159", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1396", + "self_link": null, + "uid": "6d8acc9d-a6bc-4e49-98a8-ec5452e66487" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5dd7a330d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1432", + "self_link": null, + "uid": "c8f7b2ea-c833-470c-bd3d-bd9850cd9ccd" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5df942cae", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1436", + "self_link": null, + "uid": "3df7f462-85c1-421f-a8b3-2d5baa76d072" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e682c17a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1440", + "self_link": null, + "uid": "2ecce790-a935-4a75-b181-23041b2bbb62" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e6874381", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1441", + "self_link": null, + "uid": "1b6c4a6a-e87b-46cf-951c-d1b597c80de4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5ea6ba1b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1443", + "self_link": null, + "uid": "bfe6d9ae-6c8f-42c6-9386-d8b292ae3096" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5fe65cf80", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1444", + "self_link": null, + "uid": "f22ff48a-c020-4fab-956a-fa7f4a086401" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 11, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:34+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780aaadf5a195", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1835", + "self_link": null, + "uid": "cb748768-3ef5-45ab-9f03-98f55316f4ad" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1230", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a15dcbbf74", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1316", + "self_link": null, + "uid": "9d12a848-2f02-4b9e-8f09-e6ddf32d037f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a16d4e9ef7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1352", + "self_link": null, + "uid": "ecc7ef34-c65d-44a9-9888-3fc2d0972d9f" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51bf2e7c3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1393", + "self_link": null, + "uid": "053e8fd0-2659-4df5-9f59-7e1037d51b20" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51d3a91ac", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1395", + "self_link": null, + "uid": "bc68a90a-6904-46d9-999f-3041872fe4af" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5245deddd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1397", + "self_link": null, + "uid": "89ca76c4-ce99-4180-b1d1-fc9539a5375b" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dd80122e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1433", + "self_link": null, + "uid": "7be2ab75-3235-4017-8980-faf4753238b1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dfa0cbf7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1437", + "self_link": null, + "uid": "c5501d58-6d39-4a80-ba86-26c5c830b19b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e63e8be3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1438", + "self_link": null, + "uid": "74846a78-8eaa-44eb-bbee-68d37ce60f26" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e64598fc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1439", + "self_link": null, + "uid": "3b2a59cd-4e85-41c2-8b84-457076a79598" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e83daedd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1442", + "self_link": null, + "uid": "a3a2aa2c-c7a0-4de3-9786-43b3b15fc5b1" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5ff7a1be4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1445", + "self_link": null, + "uid": "d414e2c7-9462-4708-9068-a63c94a86a41" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:14+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780aaae4106dc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1744", + "self_link": null, + "uid": "4bebab18-f4dd-46f1-a843-794853e9e501" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-0 Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e26817f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "f7dfe283-c496-4c38-8911-38e31f24931e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e551a4b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "90201f19-d3fc-4299-a4a2-aca332291e92" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-1 Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e79efbf", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1218", + "self_link": null, + "uid": "683cd0f0-9dfc-44ac-b46e-c78148e19f9b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06eaf9248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1222", + "self_link": null, + "uid": "145cfbe8-7ef9-4856-b4cf-f0001e0f694b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-2 Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06ee3bf95", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "e59f51f5-d0eb-4229-b726-98d1db91fa1e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06f198f10", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1234", + "self_link": null, + "uid": "3fb7b81a-b237-404a-927c-52cf6a16a725" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "resource_version": "1389", + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-service.17b780a52bc733ad", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "292392ad-89ce-4211-a0eb-a7a2629fc28e" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1211", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06e489826", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1221", + "self_link": null, + "uid": "7ba031c3-0084-4533-b025-c2842ead249d" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06ef29aec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "dde21c64-ab1c-4319-9122-07b17eeb84f8" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06f34d42c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "ce9ebbd7-70ec-4490-b651-1b12349187ca" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:32+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:32+00:00", + "message": "Successfully provisioned volume pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:32+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a0f24a67bc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1289", + "self_link": null, + "uid": "61c16445-7b15-48eb-8e23-755717e21bd7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1216", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06e7b2649", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1224", + "self_link": null, + "uid": "68004291-8d01-4969-95e9-fd2b609442e1" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06efe266e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "6d176d05-4720-46d8-94d5-bda0666c1dd5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06f4457c0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1238", + "self_link": null, + "uid": "06c43b28-8afa-4ddb-ad9b-32ae9f664d9d" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a121e126d8", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1305", + "self_link": null, + "uid": "4ae95be4-0eae-4956-92c9-f05dc064bcb6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1223", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06ee0bbbc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1228", + "self_link": null, + "uid": "b5416c3f-7ce0-4d5f-affa-fe11ff08ebd3" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06f841708", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "4c51198a-d64d-49ca-af5c-6d71d18fea84" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06fa73a23", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1248", + "self_link": null, + "uid": "5045f6be-2f45-4ca6-bdbb-a4f421d125e2" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a145a9b68a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1312", + "self_link": null, + "uid": "196abf14-5639-4ec5-b109-87a85b82cd74" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066874845", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1192", + "self_link": null, + "uid": "97a5d22a-895f-4434-9101-43fcc4823e86" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a0669f50af", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1194", + "self_link": null, + "uid": "0cca2b0f-8083-4312-93c9-c42725b01abd" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-all-pods-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066c4b8d1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1199", + "self_link": null, + "uid": "ca6a40d2-bade-4084-a30c-7d0b0880f212" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-additional-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066ea4c1e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1203", + "self_link": null, + "uid": "88ed55d6-8b36-4988-bcc3-0e659fe0fcc2" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1206", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created statefulset cluster1-test-cluster-default-sts", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a06d762f64", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1208", + "self_link": null, + "uid": "c5bca11a-22ea-43bb-a070-e6fe76df5b04" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:03+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:03+00:00", + "message": "Labeled pod a seed node cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:03+00:00" + } + ], + "name": "test-cluster.17b780a81c8d4c8f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1484", + "self_link": null, + "uid": "998a1bed-463d-45f2-b01d-48efe5d0a190" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:08+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:08+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:08+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + } + ], + "name": "test-cluster.17b780a9469c0a3e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1498", + "self_link": null, + "uid": "7fe54c6f-790e-4b33-8af1-8cb0489c44d4" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfc8b0101", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1580", + "self_link": null, + "uid": "3bd20f2d-8c01-46c0-ba2d-1750a96f8bc4" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfd764234", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1582", + "self_link": null, + "uid": "ab2a8a84-00d7-4192-a06e-436cfe07dd07" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafbb78bd5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1788", + "self_link": null, + "uid": "2bec650e-773b-4163-8af3-7c83189c4f16" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafc714add", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1792", + "self_link": null, + "uid": "f8695ae9-6665-435c-b47f-5a59274a477a" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafddb8a91", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1794", + "self_link": null, + "uid": "a9935a16-b449-4a4e-9595-0faa7fbdd5fb" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a00d148f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1971", + "self_link": null, + "uid": "fa01b29e-301f-49d8-85eb-409b94f5e8b5" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a0e8a98c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1975", + "self_link": null, + "uid": "8a7cdd6c-9e2c-4950-b4c0-c9d5ae5eb2ab" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Created PodDisruptionBudget test-cluster-pdb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a2662eec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1978", + "self_link": null, + "uid": "da2043b8-26d5-4cdf-a5bf-9b0e4bd6a3d5" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:39:17+00:00", + "message": "Created users", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a7392ced", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2621", + "self_link": null, + "uid": "ef0d5f06-0ac9-46ad-88ee-6e0a27702fd1" + }, + "reason": "CreatedUsers", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:37:15+00:00", + "message": "Created superuser", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a739537f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2212", + "self_link": null, + "uid": "99eff182-881b-4e69-8647-7cd0d1345d44" + }, + "reason": "CreatedSuperuser", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "2820", + "self_link": null + } +} diff --git a/docs/alarm_examples/true_alarm/events-000.json b/docs/alarm_examples/true_alarm/events-000.json new file mode 100644 index 0000000000..29eeb87a26 --- /dev/null +++ b/docs/alarm_examples/true_alarm/events-000.json @@ -0,0 +1,6753 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1013", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fa12d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "b8dad311-fdd0-4191-9d22-407f76d95127" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1014", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fb73e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1016", + "self_link": null, + "uid": "8dfbd7f0-567d-401f-94ac-38fa4938f6c3" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1168", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f22396f65", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1170", + "self_link": null, + "uid": "e8671371-f71c-4106-afa0-d97fa580b917" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1169", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f223985ee", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1171", + "self_link": null, + "uid": "b2ee970c-9b43-4094-9ab2-3af5e3f158e0" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "970", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7d7f55d9cb-bmhtv to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096d8cd91c5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "978", + "self_link": null, + "uid": "2035ec1e-9bc3-4a85-aec9-6d6c86710bbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096f96dd470", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1009", + "self_link": null, + "uid": "853bdd4c-0e95-44ff-9703-575ea7517897" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096faeddc79", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1010", + "self_link": null, + "uid": "f2856902-e7c0-4ce3-983b-51cb0b84a506" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809705fa09e5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1011", + "self_link": null, + "uid": "1cebfee3-0e13-40c5-8fb5-022bfb09a861" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "Stopping container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809b8db02ac9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1132", + "self_link": null, + "uid": "c996222b-b180-43eb-8fbc-dc23b4d5c1fc" + }, + "reason": "Killing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:10+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": null, + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "error killing pod: failed to \"KillContainer\" for \"manager\" with KillContainerError: \"rpc error: code = NotFound desc = an error occurred when try to find container \\\"5049ea9c3b39c3c6b2d233d60ea6844ac7c639d74b059bb19b3184a81826054a\\\": not found\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:10+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:10+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809bd13088c2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1133", + "self_link": null, + "uid": "d056050b-2504-40ed-b685-29b5c5bda261" + }, + "reason": "FailedKillPod", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "968", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Created pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b78096d83edc14", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "976", + "self_link": null, + "uid": "357898ad-75c6-4582-bd5f-5ee4bbd508e2" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "1114", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Deleted pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b7809b8db4ebf2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "a260413d-6424-4677-b2e3-c33b4bcffc4c" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1060", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7f9b66678b-z6j64 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809937c3ec2e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1065", + "self_link": null, + "uid": "64d08747-8d0c-4a1a-b4f9-098865badd25" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b78099548fba25", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1071", + "self_link": null, + "uid": "581e9943-0d55-45f3-9dd2-c3e0c9c43133" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809955c82176", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1072", + "self_link": null, + "uid": "ce832a39-64ed-474e-bf45-858b7ced15db" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b780995fef39a1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1073", + "self_link": null, + "uid": "dcaadf9d-28c2-48e4-bd8f-316f2444be9e" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "namespace": "cass-operator", + "resource_version": "1058", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created pod: cass-operator-controller-manager-7f9b66678b-z6j64", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b.17b7809937a72248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1063", + "self_link": null, + "uid": "499b9514-27e7-4ab6-8952-90d850823ec4" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "966", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7d7f55d9cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78096d75838b9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "969", + "self_link": null, + "uid": "4c66bc33-d876-44f8-93a8-52aa010af91f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1057", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7f9b66678b to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78099375f2223", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1059", + "self_link": null, + "uid": "f6b0b036-5f1e-4b70-9914-253f13899266" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1069", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Scaled down replica set cass-operator-controller-manager-7d7f55d9cb to 0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager.17b7809b8d519b99", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1115", + "self_link": null, + "uid": "835ae817-dc2c-42f4-a5c9-dc0786df9a77" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "994", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate request has been approved by cert-manager.io", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27725b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "997", + "self_link": null, + "uid": "7aa06295-d8f8-445c-84f8-eff388ecea35" + }, + "reason": "cert-manager.io", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate will be issued with an empty Issuer DN, which contravenes RFC 5280 and could break some strict clients", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27b315f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "998", + "self_link": null, + "uid": "cceab21c-4bef-43e3-8997-18e1daa29426" + }, + "reason": "BadConfig", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate fetched from issuer successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e28f0e34", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "b78eef05-a23f-45d9-a13a-691a31de1b7f" + }, + "reason": "CertificateIssued", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "984", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Issuing certificate as Secret does not exist", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096dc45aa9b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "828b4ca4-8651-43cb-9fbc-51285caf3ee5" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "988", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Stored new private key in temporary Secret resource \"cass-operator-serving-cert-jcd45\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e16effc6", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "992", + "self_link": null, + "uid": "2df0ab27-2dd8-4608-8264-b14c734258d3" + }, + "reason": "Generated", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created new CertificateRequest resource \"cass-operator-serving-cert-xshw4\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e1f36629", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "b4d96ad9-1103-43c3-ad7c-8b1e9fdb9e6c" + }, + "reason": "Requested", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "The certificate has been successfully issued", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e34dbc53", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1004", + "self_link": null, + "uid": "f8ec773f-14dd-4e41-9478-b61eb19ce215" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "resource_version": "1388", + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-all-pods-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-all-pods-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service.17b780a52bc73612", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1408", + "self_link": null, + "uid": "ea53a2e3-6487-4544-84a9-5e9091ec7ccb" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1213", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a121a80034", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1296", + "self_link": null, + "uid": "9b7e58ba-a058-4cb9-b124-f38d07c2690f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:40+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a12cd1bcf0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1347", + "self_link": null, + "uid": "c85f315b-a93e-4bec-aa43-797d36dafd6e" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e0bb895a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1384", + "self_link": null, + "uid": "0d1e118c-22f4-474d-a500-d8da48f476f1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e2652bf5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1385", + "self_link": null, + "uid": "7c4c400b-ddfe-4686-abd8-1db9796c62bc" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e920f019", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1386", + "self_link": null, + "uid": "717ae1ae-6871-44da-acbf-5a1d565bd231" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a59fea383e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1418", + "self_link": null, + "uid": "81cb153b-606c-4c1a-afe7-3c6ff655c2da" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a0ee7f1b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1420", + "self_link": null, + "uid": "f55a979c-686b-4171-bc40-7601d902f616" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a87f086e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1421", + "self_link": null, + "uid": "e0db1819-cee3-42ef-aa5f-4fd73f7e1873" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a882cfa3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1422", + "self_link": null, + "uid": "cc7a38cf-9598-4e44-b167-124a07ad13d0" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5aaf45d55", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1423", + "self_link": null, + "uid": "57a5a3ce-70e7-4582-9783-f0bf45359f8b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5bd908110", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1428", + "self_link": null, + "uid": "6d881074-eac8-4bd5-b1f3-d39d8df00fc1" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:13+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:13+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:13+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:13+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780aa72320a75", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1519", + "self_link": null, + "uid": "1b4078ca-949a-49f8-a598-93961ca1abc2" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1220", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a15d79f179", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1313", + "self_link": null, + "uid": "58ff2be0-d2d6-4ae1-ac1c-b03983bcbd76" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a1694de523", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1351", + "self_link": null, + "uid": "b0568206-c861-4e7f-a870-dbcec5488e75" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51bc1c2fa", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1392", + "self_link": null, + "uid": "6732c1f4-acb5-446a-a43a-786f37868b63" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51d3a910d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1394", + "self_link": null, + "uid": "a869481c-4ff1-4b18-9740-314adf3e1fd0" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a52402b159", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1396", + "self_link": null, + "uid": "6d8acc9d-a6bc-4e49-98a8-ec5452e66487" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5dd7a330d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1432", + "self_link": null, + "uid": "c8f7b2ea-c833-470c-bd3d-bd9850cd9ccd" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5df942cae", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1436", + "self_link": null, + "uid": "3df7f462-85c1-421f-a8b3-2d5baa76d072" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e682c17a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1440", + "self_link": null, + "uid": "2ecce790-a935-4a75-b181-23041b2bbb62" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e6874381", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1441", + "self_link": null, + "uid": "1b6c4a6a-e87b-46cf-951c-d1b597c80de4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5ea6ba1b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1443", + "self_link": null, + "uid": "bfe6d9ae-6c8f-42c6-9386-d8b292ae3096" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5fe65cf80", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1444", + "self_link": null, + "uid": "f22ff48a-c020-4fab-956a-fa7f4a086401" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 11, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:34+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780aaadf5a195", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1835", + "self_link": null, + "uid": "cb748768-3ef5-45ab-9f03-98f55316f4ad" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1230", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a15dcbbf74", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1316", + "self_link": null, + "uid": "9d12a848-2f02-4b9e-8f09-e6ddf32d037f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a16d4e9ef7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1352", + "self_link": null, + "uid": "ecc7ef34-c65d-44a9-9888-3fc2d0972d9f" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51bf2e7c3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1393", + "self_link": null, + "uid": "053e8fd0-2659-4df5-9f59-7e1037d51b20" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51d3a91ac", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1395", + "self_link": null, + "uid": "bc68a90a-6904-46d9-999f-3041872fe4af" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5245deddd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1397", + "self_link": null, + "uid": "89ca76c4-ce99-4180-b1d1-fc9539a5375b" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dd80122e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1433", + "self_link": null, + "uid": "7be2ab75-3235-4017-8980-faf4753238b1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dfa0cbf7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1437", + "self_link": null, + "uid": "c5501d58-6d39-4a80-ba86-26c5c830b19b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e63e8be3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1438", + "self_link": null, + "uid": "74846a78-8eaa-44eb-bbee-68d37ce60f26" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e64598fc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1439", + "self_link": null, + "uid": "3b2a59cd-4e85-41c2-8b84-457076a79598" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e83daedd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1442", + "self_link": null, + "uid": "a3a2aa2c-c7a0-4de3-9786-43b3b15fc5b1" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5ff7a1be4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1445", + "self_link": null, + "uid": "d414e2c7-9462-4708-9068-a63c94a86a41" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:14+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780aaae4106dc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1744", + "self_link": null, + "uid": "4bebab18-f4dd-46f1-a843-794853e9e501" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-0 Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e26817f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "f7dfe283-c496-4c38-8911-38e31f24931e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e551a4b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "90201f19-d3fc-4299-a4a2-aca332291e92" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-1 Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e79efbf", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1218", + "self_link": null, + "uid": "683cd0f0-9dfc-44ac-b46e-c78148e19f9b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06eaf9248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1222", + "self_link": null, + "uid": "145cfbe8-7ef9-4856-b4cf-f0001e0f694b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-2 Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06ee3bf95", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "e59f51f5-d0eb-4229-b726-98d1db91fa1e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06f198f10", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1234", + "self_link": null, + "uid": "3fb7b81a-b237-404a-927c-52cf6a16a725" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "resource_version": "1389", + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-service.17b780a52bc733ad", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "292392ad-89ce-4211-a0eb-a7a2629fc28e" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1211", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06e489826", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1221", + "self_link": null, + "uid": "7ba031c3-0084-4533-b025-c2842ead249d" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06ef29aec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "dde21c64-ab1c-4319-9122-07b17eeb84f8" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06f34d42c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "ce9ebbd7-70ec-4490-b651-1b12349187ca" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:32+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:32+00:00", + "message": "Successfully provisioned volume pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:32+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a0f24a67bc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1289", + "self_link": null, + "uid": "61c16445-7b15-48eb-8e23-755717e21bd7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1216", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06e7b2649", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1224", + "self_link": null, + "uid": "68004291-8d01-4969-95e9-fd2b609442e1" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06efe266e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "6d176d05-4720-46d8-94d5-bda0666c1dd5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06f4457c0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1238", + "self_link": null, + "uid": "06c43b28-8afa-4ddb-ad9b-32ae9f664d9d" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a121e126d8", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1305", + "self_link": null, + "uid": "4ae95be4-0eae-4956-92c9-f05dc064bcb6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1223", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06ee0bbbc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1228", + "self_link": null, + "uid": "b5416c3f-7ce0-4d5f-affa-fe11ff08ebd3" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06f841708", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "4c51198a-d64d-49ca-af5c-6d71d18fea84" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06fa73a23", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1248", + "self_link": null, + "uid": "5045f6be-2f45-4ca6-bdbb-a4f421d125e2" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a145a9b68a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1312", + "self_link": null, + "uid": "196abf14-5639-4ec5-b109-87a85b82cd74" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066874845", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1192", + "self_link": null, + "uid": "97a5d22a-895f-4434-9101-43fcc4823e86" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a0669f50af", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1194", + "self_link": null, + "uid": "0cca2b0f-8083-4312-93c9-c42725b01abd" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-all-pods-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066c4b8d1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1199", + "self_link": null, + "uid": "ca6a40d2-bade-4084-a30c-7d0b0880f212" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-additional-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066ea4c1e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1203", + "self_link": null, + "uid": "88ed55d6-8b36-4988-bcc3-0e659fe0fcc2" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1206", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created statefulset cluster1-test-cluster-default-sts", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a06d762f64", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1208", + "self_link": null, + "uid": "c5bca11a-22ea-43bb-a070-e6fe76df5b04" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:03+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:03+00:00", + "message": "Labeled pod a seed node cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:03+00:00" + } + ], + "name": "test-cluster.17b780a81c8d4c8f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1484", + "self_link": null, + "uid": "998a1bed-463d-45f2-b01d-48efe5d0a190" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:08+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:08+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:08+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + } + ], + "name": "test-cluster.17b780a9469c0a3e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1498", + "self_link": null, + "uid": "7fe54c6f-790e-4b33-8af1-8cb0489c44d4" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfc8b0101", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1580", + "self_link": null, + "uid": "3bd20f2d-8c01-46c0-ba2d-1750a96f8bc4" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfd764234", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1582", + "self_link": null, + "uid": "ab2a8a84-00d7-4192-a06e-436cfe07dd07" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafbb78bd5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1788", + "self_link": null, + "uid": "2bec650e-773b-4163-8af3-7c83189c4f16" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafc714add", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1792", + "self_link": null, + "uid": "f8695ae9-6665-435c-b47f-5a59274a477a" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafddb8a91", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1794", + "self_link": null, + "uid": "a9935a16-b449-4a4e-9595-0faa7fbdd5fb" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a00d148f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1971", + "self_link": null, + "uid": "fa01b29e-301f-49d8-85eb-409b94f5e8b5" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a0e8a98c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1975", + "self_link": null, + "uid": "8a7cdd6c-9e2c-4950-b4c0-c9d5ae5eb2ab" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Created PodDisruptionBudget test-cluster-pdb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a2662eec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1978", + "self_link": null, + "uid": "da2043b8-26d5-4cdf-a5bf-9b0e4bd6a3d5" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Created users", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a7392ced", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1989", + "self_link": null, + "uid": "ef0d5f06-0ac9-46ad-88ee-6e0a27702fd1" + }, + "reason": "CreatedUsers", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 3, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Created superuser", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a739537f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1990", + "self_link": null, + "uid": "99eff182-881b-4e69-8647-7cd0d1345d44" + }, + "reason": "CreatedSuperuser", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "2194", + "self_link": null + } +} diff --git a/docs/alarm_examples/true_alarm/events-001.json b/docs/alarm_examples/true_alarm/events-001.json new file mode 100644 index 0000000000..bd0b49c714 --- /dev/null +++ b/docs/alarm_examples/true_alarm/events-001.json @@ -0,0 +1,6753 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1013", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fa12d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "b8dad311-fdd0-4191-9d22-407f76d95127" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1014", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fb73e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1016", + "self_link": null, + "uid": "8dfbd7f0-567d-401f-94ac-38fa4938f6c3" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1168", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f22396f65", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1170", + "self_link": null, + "uid": "e8671371-f71c-4106-afa0-d97fa580b917" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1169", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f223985ee", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1171", + "self_link": null, + "uid": "b2ee970c-9b43-4094-9ab2-3af5e3f158e0" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "970", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7d7f55d9cb-bmhtv to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096d8cd91c5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "978", + "self_link": null, + "uid": "2035ec1e-9bc3-4a85-aec9-6d6c86710bbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096f96dd470", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1009", + "self_link": null, + "uid": "853bdd4c-0e95-44ff-9703-575ea7517897" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096faeddc79", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1010", + "self_link": null, + "uid": "f2856902-e7c0-4ce3-983b-51cb0b84a506" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809705fa09e5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1011", + "self_link": null, + "uid": "1cebfee3-0e13-40c5-8fb5-022bfb09a861" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "Stopping container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809b8db02ac9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1132", + "self_link": null, + "uid": "c996222b-b180-43eb-8fbc-dc23b4d5c1fc" + }, + "reason": "Killing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:10+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": null, + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "error killing pod: failed to \"KillContainer\" for \"manager\" with KillContainerError: \"rpc error: code = NotFound desc = an error occurred when try to find container \\\"5049ea9c3b39c3c6b2d233d60ea6844ac7c639d74b059bb19b3184a81826054a\\\": not found\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:10+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:10+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809bd13088c2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1133", + "self_link": null, + "uid": "d056050b-2504-40ed-b685-29b5c5bda261" + }, + "reason": "FailedKillPod", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "968", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Created pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b78096d83edc14", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "976", + "self_link": null, + "uid": "357898ad-75c6-4582-bd5f-5ee4bbd508e2" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "1114", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Deleted pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b7809b8db4ebf2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "a260413d-6424-4677-b2e3-c33b4bcffc4c" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1060", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7f9b66678b-z6j64 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809937c3ec2e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1065", + "self_link": null, + "uid": "64d08747-8d0c-4a1a-b4f9-098865badd25" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b78099548fba25", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1071", + "self_link": null, + "uid": "581e9943-0d55-45f3-9dd2-c3e0c9c43133" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809955c82176", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1072", + "self_link": null, + "uid": "ce832a39-64ed-474e-bf45-858b7ced15db" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b780995fef39a1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1073", + "self_link": null, + "uid": "dcaadf9d-28c2-48e4-bd8f-316f2444be9e" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "namespace": "cass-operator", + "resource_version": "1058", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created pod: cass-operator-controller-manager-7f9b66678b-z6j64", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b.17b7809937a72248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1063", + "self_link": null, + "uid": "499b9514-27e7-4ab6-8952-90d850823ec4" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "966", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7d7f55d9cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78096d75838b9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "969", + "self_link": null, + "uid": "4c66bc33-d876-44f8-93a8-52aa010af91f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1057", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7f9b66678b to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78099375f2223", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1059", + "self_link": null, + "uid": "f6b0b036-5f1e-4b70-9914-253f13899266" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1069", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Scaled down replica set cass-operator-controller-manager-7d7f55d9cb to 0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager.17b7809b8d519b99", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1115", + "self_link": null, + "uid": "835ae817-dc2c-42f4-a5c9-dc0786df9a77" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "994", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate request has been approved by cert-manager.io", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27725b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "997", + "self_link": null, + "uid": "7aa06295-d8f8-445c-84f8-eff388ecea35" + }, + "reason": "cert-manager.io", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate will be issued with an empty Issuer DN, which contravenes RFC 5280 and could break some strict clients", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27b315f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "998", + "self_link": null, + "uid": "cceab21c-4bef-43e3-8997-18e1daa29426" + }, + "reason": "BadConfig", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate fetched from issuer successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e28f0e34", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "b78eef05-a23f-45d9-a13a-691a31de1b7f" + }, + "reason": "CertificateIssued", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "984", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Issuing certificate as Secret does not exist", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096dc45aa9b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "828b4ca4-8651-43cb-9fbc-51285caf3ee5" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "988", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Stored new private key in temporary Secret resource \"cass-operator-serving-cert-jcd45\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e16effc6", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "992", + "self_link": null, + "uid": "2df0ab27-2dd8-4608-8264-b14c734258d3" + }, + "reason": "Generated", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created new CertificateRequest resource \"cass-operator-serving-cert-xshw4\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e1f36629", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "b4d96ad9-1103-43c3-ad7c-8b1e9fdb9e6c" + }, + "reason": "Requested", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "The certificate has been successfully issued", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e34dbc53", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1004", + "self_link": null, + "uid": "f8ec773f-14dd-4e41-9478-b61eb19ce215" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "resource_version": "1388", + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-all-pods-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-all-pods-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service.17b780a52bc73612", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1408", + "self_link": null, + "uid": "ea53a2e3-6487-4544-84a9-5e9091ec7ccb" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1213", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a121a80034", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1296", + "self_link": null, + "uid": "9b7e58ba-a058-4cb9-b124-f38d07c2690f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:40+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a12cd1bcf0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1347", + "self_link": null, + "uid": "c85f315b-a93e-4bec-aa43-797d36dafd6e" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e0bb895a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1384", + "self_link": null, + "uid": "0d1e118c-22f4-474d-a500-d8da48f476f1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e2652bf5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1385", + "self_link": null, + "uid": "7c4c400b-ddfe-4686-abd8-1db9796c62bc" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e920f019", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1386", + "self_link": null, + "uid": "717ae1ae-6871-44da-acbf-5a1d565bd231" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a59fea383e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1418", + "self_link": null, + "uid": "81cb153b-606c-4c1a-afe7-3c6ff655c2da" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a0ee7f1b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1420", + "self_link": null, + "uid": "f55a979c-686b-4171-bc40-7601d902f616" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a87f086e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1421", + "self_link": null, + "uid": "e0db1819-cee3-42ef-aa5f-4fd73f7e1873" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a882cfa3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1422", + "self_link": null, + "uid": "cc7a38cf-9598-4e44-b167-124a07ad13d0" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5aaf45d55", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1423", + "self_link": null, + "uid": "57a5a3ce-70e7-4582-9783-f0bf45359f8b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5bd908110", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1428", + "self_link": null, + "uid": "6d881074-eac8-4bd5-b1f3-d39d8df00fc1" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:13+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:13+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:13+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:13+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780aa72320a75", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1519", + "self_link": null, + "uid": "1b4078ca-949a-49f8-a598-93961ca1abc2" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1220", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a15d79f179", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1313", + "self_link": null, + "uid": "58ff2be0-d2d6-4ae1-ac1c-b03983bcbd76" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a1694de523", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1351", + "self_link": null, + "uid": "b0568206-c861-4e7f-a870-dbcec5488e75" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51bc1c2fa", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1392", + "self_link": null, + "uid": "6732c1f4-acb5-446a-a43a-786f37868b63" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51d3a910d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1394", + "self_link": null, + "uid": "a869481c-4ff1-4b18-9740-314adf3e1fd0" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a52402b159", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1396", + "self_link": null, + "uid": "6d8acc9d-a6bc-4e49-98a8-ec5452e66487" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5dd7a330d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1432", + "self_link": null, + "uid": "c8f7b2ea-c833-470c-bd3d-bd9850cd9ccd" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5df942cae", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1436", + "self_link": null, + "uid": "3df7f462-85c1-421f-a8b3-2d5baa76d072" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e682c17a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1440", + "self_link": null, + "uid": "2ecce790-a935-4a75-b181-23041b2bbb62" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e6874381", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1441", + "self_link": null, + "uid": "1b6c4a6a-e87b-46cf-951c-d1b597c80de4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5ea6ba1b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1443", + "self_link": null, + "uid": "bfe6d9ae-6c8f-42c6-9386-d8b292ae3096" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5fe65cf80", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1444", + "self_link": null, + "uid": "f22ff48a-c020-4fab-956a-fa7f4a086401" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 11, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:34+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780aaadf5a195", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1835", + "self_link": null, + "uid": "cb748768-3ef5-45ab-9f03-98f55316f4ad" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1230", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a15dcbbf74", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1316", + "self_link": null, + "uid": "9d12a848-2f02-4b9e-8f09-e6ddf32d037f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a16d4e9ef7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1352", + "self_link": null, + "uid": "ecc7ef34-c65d-44a9-9888-3fc2d0972d9f" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51bf2e7c3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1393", + "self_link": null, + "uid": "053e8fd0-2659-4df5-9f59-7e1037d51b20" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51d3a91ac", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1395", + "self_link": null, + "uid": "bc68a90a-6904-46d9-999f-3041872fe4af" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5245deddd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1397", + "self_link": null, + "uid": "89ca76c4-ce99-4180-b1d1-fc9539a5375b" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dd80122e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1433", + "self_link": null, + "uid": "7be2ab75-3235-4017-8980-faf4753238b1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dfa0cbf7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1437", + "self_link": null, + "uid": "c5501d58-6d39-4a80-ba86-26c5c830b19b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e63e8be3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1438", + "self_link": null, + "uid": "74846a78-8eaa-44eb-bbee-68d37ce60f26" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e64598fc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1439", + "self_link": null, + "uid": "3b2a59cd-4e85-41c2-8b84-457076a79598" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e83daedd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1442", + "self_link": null, + "uid": "a3a2aa2c-c7a0-4de3-9786-43b3b15fc5b1" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5ff7a1be4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1445", + "self_link": null, + "uid": "d414e2c7-9462-4708-9068-a63c94a86a41" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:14+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780aaae4106dc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1744", + "self_link": null, + "uid": "4bebab18-f4dd-46f1-a843-794853e9e501" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-0 Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e26817f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "f7dfe283-c496-4c38-8911-38e31f24931e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e551a4b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "90201f19-d3fc-4299-a4a2-aca332291e92" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-1 Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e79efbf", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1218", + "self_link": null, + "uid": "683cd0f0-9dfc-44ac-b46e-c78148e19f9b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06eaf9248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1222", + "self_link": null, + "uid": "145cfbe8-7ef9-4856-b4cf-f0001e0f694b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-2 Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06ee3bf95", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "e59f51f5-d0eb-4229-b726-98d1db91fa1e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06f198f10", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1234", + "self_link": null, + "uid": "3fb7b81a-b237-404a-927c-52cf6a16a725" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "resource_version": "1389", + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-service.17b780a52bc733ad", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "292392ad-89ce-4211-a0eb-a7a2629fc28e" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1211", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06e489826", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1221", + "self_link": null, + "uid": "7ba031c3-0084-4533-b025-c2842ead249d" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06ef29aec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "dde21c64-ab1c-4319-9122-07b17eeb84f8" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06f34d42c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "ce9ebbd7-70ec-4490-b651-1b12349187ca" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:32+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:32+00:00", + "message": "Successfully provisioned volume pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:32+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a0f24a67bc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1289", + "self_link": null, + "uid": "61c16445-7b15-48eb-8e23-755717e21bd7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1216", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06e7b2649", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1224", + "self_link": null, + "uid": "68004291-8d01-4969-95e9-fd2b609442e1" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06efe266e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "6d176d05-4720-46d8-94d5-bda0666c1dd5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06f4457c0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1238", + "self_link": null, + "uid": "06c43b28-8afa-4ddb-ad9b-32ae9f664d9d" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a121e126d8", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1305", + "self_link": null, + "uid": "4ae95be4-0eae-4956-92c9-f05dc064bcb6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1223", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06ee0bbbc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1228", + "self_link": null, + "uid": "b5416c3f-7ce0-4d5f-affa-fe11ff08ebd3" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06f841708", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "4c51198a-d64d-49ca-af5c-6d71d18fea84" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06fa73a23", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1248", + "self_link": null, + "uid": "5045f6be-2f45-4ca6-bdbb-a4f421d125e2" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a145a9b68a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1312", + "self_link": null, + "uid": "196abf14-5639-4ec5-b109-87a85b82cd74" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066874845", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1192", + "self_link": null, + "uid": "97a5d22a-895f-4434-9101-43fcc4823e86" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a0669f50af", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1194", + "self_link": null, + "uid": "0cca2b0f-8083-4312-93c9-c42725b01abd" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-all-pods-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066c4b8d1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1199", + "self_link": null, + "uid": "ca6a40d2-bade-4084-a30c-7d0b0880f212" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-additional-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066ea4c1e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1203", + "self_link": null, + "uid": "88ed55d6-8b36-4988-bcc3-0e659fe0fcc2" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1206", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created statefulset cluster1-test-cluster-default-sts", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a06d762f64", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1208", + "self_link": null, + "uid": "c5bca11a-22ea-43bb-a070-e6fe76df5b04" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:03+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:03+00:00", + "message": "Labeled pod a seed node cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:03+00:00" + } + ], + "name": "test-cluster.17b780a81c8d4c8f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1484", + "self_link": null, + "uid": "998a1bed-463d-45f2-b01d-48efe5d0a190" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:08+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:08+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:08+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + } + ], + "name": "test-cluster.17b780a9469c0a3e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1498", + "self_link": null, + "uid": "7fe54c6f-790e-4b33-8af1-8cb0489c44d4" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfc8b0101", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1580", + "self_link": null, + "uid": "3bd20f2d-8c01-46c0-ba2d-1750a96f8bc4" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfd764234", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1582", + "self_link": null, + "uid": "ab2a8a84-00d7-4192-a06e-436cfe07dd07" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafbb78bd5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1788", + "self_link": null, + "uid": "2bec650e-773b-4163-8af3-7c83189c4f16" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafc714add", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1792", + "self_link": null, + "uid": "f8695ae9-6665-435c-b47f-5a59274a477a" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafddb8a91", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1794", + "self_link": null, + "uid": "a9935a16-b449-4a4e-9595-0faa7fbdd5fb" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a00d148f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1971", + "self_link": null, + "uid": "fa01b29e-301f-49d8-85eb-409b94f5e8b5" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a0e8a98c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1975", + "self_link": null, + "uid": "8a7cdd6c-9e2c-4950-b4c0-c9d5ae5eb2ab" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Created PodDisruptionBudget test-cluster-pdb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a2662eec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1978", + "self_link": null, + "uid": "da2043b8-26d5-4cdf-a5bf-9b0e4bd6a3d5" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:37:15+00:00", + "message": "Created users", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a7392ced", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2211", + "self_link": null, + "uid": "ef0d5f06-0ac9-46ad-88ee-6e0a27702fd1" + }, + "reason": "CreatedUsers", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:37:15+00:00", + "message": "Created superuser", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a739537f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2212", + "self_link": null, + "uid": "99eff182-881b-4e69-8647-7cd0d1345d44" + }, + "reason": "CreatedSuperuser", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "2413", + "self_link": null + } +} diff --git a/docs/alarm_examples/true_alarm/events-002.json b/docs/alarm_examples/true_alarm/events-002.json new file mode 100644 index 0000000000..e63ccb5a9c --- /dev/null +++ b/docs/alarm_examples/true_alarm/events-002.json @@ -0,0 +1,6753 @@ +{ + "api_version": "v1", + "items": [ + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1013", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fa12d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1015", + "self_link": null, + "uid": "b8dad311-fdd0-4191-9d22-407f76d95127" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:50+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1014", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:50+00:00", + "message": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0 became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b78097228fb73e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1016", + "self_link": null, + "uid": "8dfbd7f0-567d-401f-94ac-38fa4938f6c3" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7d7f55d9cb-bmhtv_7c812c80-59b2-4c52-8c15-f2a5793780b0", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "ConfigMap", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1168", + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f22396f65", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1170", + "self_link": null, + "uid": "e8671371-f71c-4106-afa0-d97fa580b917" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:24+00:00", + "involved_object": { + "api_version": "coordination.k8s.io/v1", + "field_path": null, + "kind": "Lease", + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "resource_version": "1169", + "uid": "2c322f6d-370b-40cf-8edb-07813ca2f90f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:24+00:00", + "message": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f became leader", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:24+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com.17b7809f223985ee", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1171", + "self_link": null, + "uid": "b2ee970c-9b43-4094-9ab2-3af5e3f158e0" + }, + "reason": "LeaderElection", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "970", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7d7f55d9cb-bmhtv to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096d8cd91c5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "978", + "self_link": null, + "uid": "2035ec1e-9bc3-4a85-aec9-6d6c86710bbc" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096f96dd470", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1009", + "self_link": null, + "uid": "853bdd4c-0e95-44ff-9703-575ea7517897" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b78096faeddc79", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1010", + "self_link": null, + "uid": "f2856902-e7c0-4ce3-983b-51cb0b84a506" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809705fa09e5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1011", + "self_link": null, + "uid": "1cebfee3-0e13-40c5-8fb5-022bfb09a861" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": "975", + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "Stopping container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809b8db02ac9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1132", + "self_link": null, + "uid": "c996222b-b180-43eb-8fbc-dc23b4d5c1fc" + }, + "reason": "Killing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:10+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "namespace": "cass-operator", + "resource_version": null, + "uid": "6f9e04c8-3c2b-4e7e-a554-91a903b003b3" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:10+00:00", + "message": "error killing pod: failed to \"KillContainer\" for \"manager\" with KillContainerError: \"rpc error: code = NotFound desc = an error occurred when try to find container \\\"5049ea9c3b39c3c6b2d233d60ea6844ac7c639d74b059bb19b3184a81826054a\\\": not found\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:10+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:10+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb-bmhtv.17b7809bd13088c2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1133", + "self_link": null, + "uid": "d056050b-2504-40ed-b685-29b5c5bda261" + }, + "reason": "FailedKillPod", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "968", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Created pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b78096d83edc14", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "976", + "self_link": null, + "uid": "357898ad-75c6-4582-bd5f-5ee4bbd508e2" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7d7f55d9cb", + "namespace": "cass-operator", + "resource_version": "1114", + "uid": "ee16aea5-90e7-406a-9292-16f719430a3b" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Deleted pod: cass-operator-controller-manager-7d7f55d9cb-bmhtv", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7d7f55d9cb.17b7809b8db4ebf2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1120", + "self_link": null, + "uid": "a260413d-6424-4677-b2e3-c33b4bcffc4c" + }, + "reason": "SuccessfulDelete", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1060", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Successfully assigned cass-operator/cass-operator-controller-manager-7f9b66678b-z6j64 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809937c3ec2e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1065", + "self_link": null, + "uid": "64d08747-8d0c-4a1a-b4f9-098865badd25" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Container image \"k8ssandra/cass-operator:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b78099548fba25", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1071", + "self_link": null, + "uid": "581e9943-0d55-45f3-9dd2-c3e0c9c43133" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b7809955c82176", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1072", + "self_link": null, + "uid": "ce832a39-64ed-474e-bf45-858b7ced15db" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{manager}", + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1062", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Started container manager", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64.17b780995fef39a1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1073", + "self_link": null, + "uid": "dcaadf9d-28c2-48e4-bd8f-316f2444be9e" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "namespace": "cass-operator", + "resource_version": "1058", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Created pod: cass-operator-controller-manager-7f9b66678b-z6j64", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b.17b7809937a72248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1063", + "self_link": null, + "uid": "499b9514-27e7-4ab6-8952-90d850823ec4" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "replicaset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:48+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "966", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:48+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7d7f55d9cb to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78096d75838b9", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "969", + "self_link": null, + "uid": "4c66bc33-d876-44f8-93a8-52aa010af91f" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:59+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1057", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:59+00:00", + "message": "Scaled up replica set cass-operator-controller-manager-7f9b66678b to 1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + } + ], + "name": "cass-operator-controller-manager.17b78099375f2223", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1059", + "self_link": null, + "uid": "f6b0b036-5f1e-4b70-9914-253f13899266" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:09+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "Deployment", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "resource_version": "1069", + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:09+00:00", + "message": "Scaled down replica set cass-operator-controller-manager-7d7f55d9cb to 0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:09+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager.17b7809b8d519b99", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1115", + "self_link": null, + "uid": "835ae817-dc2c-42f4-a5c9-dc0786df9a77" + }, + "reason": "ScalingReplicaSet", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "deployment-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "994", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate request has been approved by cert-manager.io", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27725b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "997", + "self_link": null, + "uid": "7aa06295-d8f8-445c-84f8-eff388ecea35" + }, + "reason": "cert-manager.io", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate will be issued with an empty Issuer DN, which contravenes RFC 5280 and could break some strict clients", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e27b315f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "998", + "self_link": null, + "uid": "cceab21c-4bef-43e3-8997-18e1daa29426" + }, + "reason": "BadConfig", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "CertificateRequest", + "name": "cass-operator-serving-cert-xshw4", + "namespace": "cass-operator", + "resource_version": "996", + "uid": "2014f6c2-d7c5-421e-9386-f820843fec26" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Certificate fetched from issuer successfully", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert-xshw4.17b78096e28f0e34", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "999", + "self_link": null, + "uid": "b78eef05-a23f-45d9-a13a-691a31de1b7f" + }, + "reason": "CertificateIssued", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "984", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Issuing certificate as Secret does not exist", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096dc45aa9b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "989", + "self_link": null, + "uid": "828b4ca4-8651-43cb-9fbc-51285caf3ee5" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "988", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Stored new private key in temporary Secret resource \"cass-operator-serving-cert-jcd45\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e16effc6", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "992", + "self_link": null, + "uid": "2df0ab27-2dd8-4608-8264-b14c734258d3" + }, + "reason": "Generated", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "Created new CertificateRequest resource \"cass-operator-serving-cert-xshw4\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e1f36629", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "995", + "self_link": null, + "uid": "b4d96ad9-1103-43c3-ad7c-8b1e9fdb9e6c" + }, + "reason": "Requested", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:32:49+00:00", + "involved_object": { + "api_version": "cert-manager.io/v1", + "field_path": null, + "kind": "Certificate", + "name": "cass-operator-serving-cert", + "namespace": "cass-operator", + "resource_version": "993", + "uid": "59224551-272c-4f41-9753-d5b3722066de" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:32:49+00:00", + "message": "The certificate has been successfully issued", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "cass-operator-serving-cert.17b78096e34dbc53", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1004", + "self_link": null, + "uid": "f8ec773f-14dd-4e41-9478-b61eb19ce215" + }, + "reason": "Issuing", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cert-manager", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "resource_version": "1388", + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-all-pods-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-all-pods-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service.17b780a52bc73612", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1408", + "self_link": null, + "uid": "ea53a2e3-6487-4544-84a9-5e9091ec7ccb" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1213", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-0 to acto-0-cluster-0-worker2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a121a80034", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1296", + "self_link": null, + "uid": "9b7e58ba-a058-4cb9-b124-f38d07c2690f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:40+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a12cd1bcf0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1347", + "self_link": null, + "uid": "c85f315b-a93e-4bec-aa43-797d36dafd6e" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e0bb895a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1384", + "self_link": null, + "uid": "0d1e118c-22f4-474d-a500-d8da48f476f1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e2652bf5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1385", + "self_link": null, + "uid": "7c4c400b-ddfe-4686-abd8-1db9796c62bc" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:49+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:49+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:49+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a4e920f019", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1386", + "self_link": null, + "uid": "717ae1ae-6871-44da-acbf-5a1d565bd231" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a59fea383e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1418", + "self_link": null, + "uid": "81cb153b-606c-4c1a-afe7-3c6ff655c2da" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a0ee7f1b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1420", + "self_link": null, + "uid": "f55a979c-686b-4171-bc40-7601d902f616" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a87f086e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1421", + "self_link": null, + "uid": "e0db1819-cee3-42ef-aa5f-4fd73f7e1873" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5a882cfa3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1422", + "self_link": null, + "uid": "cc7a38cf-9598-4e44-b167-124a07ad13d0" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5aaf45d55", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1423", + "self_link": null, + "uid": "57a5a3ce-70e7-4582-9783-f0bf45359f8b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:52+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:52+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:52+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:52+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780a5bd908110", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1428", + "self_link": null, + "uid": "6d881074-eac8-4bd5-b1f3-d39d8df00fc1" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:13+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1295", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:13+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:13+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:13+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0.17b780aa72320a75", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1519", + "self_link": null, + "uid": "1b4078ca-949a-49f8-a598-93961ca1abc2" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker2" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1220", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-1 to acto-0-cluster-0-worker", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a15d79f179", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1313", + "self_link": null, + "uid": "58ff2be0-d2d6-4ae1-ac1c-b03983bcbd76" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a1694de523", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1351", + "self_link": null, + "uid": "b0568206-c861-4e7f-a870-dbcec5488e75" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51bc1c2fa", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1392", + "self_link": null, + "uid": "6732c1f4-acb5-446a-a43a-786f37868b63" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a51d3a910d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1394", + "self_link": null, + "uid": "a869481c-4ff1-4b18-9740-314adf3e1fd0" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a52402b159", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1396", + "self_link": null, + "uid": "6d8acc9d-a6bc-4e49-98a8-ec5452e66487" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5dd7a330d", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1432", + "self_link": null, + "uid": "c8f7b2ea-c833-470c-bd3d-bd9850cd9ccd" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5df942cae", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1436", + "self_link": null, + "uid": "3df7f462-85c1-421f-a8b3-2d5baa76d072" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e682c17a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1440", + "self_link": null, + "uid": "2ecce790-a935-4a75-b181-23041b2bbb62" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5e6874381", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1441", + "self_link": null, + "uid": "1b6c4a6a-e87b-46cf-951c-d1b597c80de4" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5ea6ba1b4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1443", + "self_link": null, + "uid": "bfe6d9ae-6c8f-42c6-9386-d8b292ae3096" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780a5fe65cf80", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1444", + "self_link": null, + "uid": "f22ff48a-c020-4fab-956a-fa7f4a086401" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 11, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1311", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:34+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1.17b780aaadf5a195", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1835", + "self_link": null, + "uid": "cb748768-3ef5-45ab-9f03-98f55316f4ad" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1230", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:34+00:00", + "message": "Successfully assigned cass-operator/cluster1-test-cluster-default-sts-2 to acto-0-cluster-0-worker3", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a15dcbbf74", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1316", + "self_link": null, + "uid": "9d12a848-2f02-4b9e-8f09-e6ddf32d037f" + }, + "reason": "Scheduled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "default-scheduler", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:34+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:41+00:00", + "message": "MountVolume.SetUp failed for volume \"encryption-cred-storage\" : secret \"test-cluster-keystore\" not found", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a16d4e9ef7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1352", + "self_link": null, + "uid": "ecc7ef34-c65d-44a9-9888-3fc2d0972d9f" + }, + "reason": "FailedMount", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Container image \"datastax/cass-config-builder:1.0.4-ubi7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51bf2e7c3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1393", + "self_link": null, + "uid": "053e8fd0-2659-4df5-9f59-7e1037d51b20" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Created container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a51d3a91ac", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1395", + "self_link": null, + "uid": "bc68a90a-6904-46d9-999f-3041872fe4af" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.initContainers{server-config-init}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Started container server-config-init", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5245deddd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1397", + "self_link": null, + "uid": "89ca76c4-ce99-4180-b1d1-fc9539a5375b" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/cass-management-api:3.11.7\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dd80122e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1433", + "self_link": null, + "uid": "7be2ab75-3235-4017-8980-faf4753238b1" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5dfa0cbf7", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1437", + "self_link": null, + "uid": "c5501d58-6d39-4a80-ba86-26c5c830b19b" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Started container cassandra", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e63e8be3", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1438", + "self_link": null, + "uid": "74846a78-8eaa-44eb-bbee-68d37ce60f26" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Container image \"k8ssandra/system-logger:v1.10.3\" already present on machine", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e64598fc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1439", + "self_link": null, + "uid": "3b2a59cd-4e85-41c2-8b84-457076a79598" + }, + "reason": "Pulled", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:53+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:53+00:00", + "message": "Created container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:53+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:53+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5e83daedd", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1442", + "self_link": null, + "uid": "a3a2aa2c-c7a0-4de3-9786-43b3b15fc5b1" + }, + "reason": "Created", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:54+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{server-system-logger}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:54+00:00", + "message": "Started container server-system-logger", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:54+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:54+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780a5ff7a1be4", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1445", + "self_link": null, + "uid": "d414e2c7-9462-4708-9068-a63c94a86a41" + }, + "reason": "Started", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 8, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:14+00:00", + "involved_object": { + "api_version": "v1", + "field_path": "spec.containers{cassandra}", + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1314", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:14+00:00", + "message": "Readiness probe failed: HTTP probe failed with statuscode: 500", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {}, + "f:host": {} + }, + "f:type": {} + }, + "manager": "kubelet", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2.17b780aaae4106dc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1744", + "self_link": null, + "uid": "4bebab18-f4dd-46f1-a843-794853e9e501" + }, + "reason": "Unhealthy", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "kubelet", + "host": "acto-0-cluster-0-worker3" + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-0 Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e26817f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1212", + "self_link": null, + "uid": "f7dfe283-c496-4c38-8911-38e31f24931e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-0 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e551a4b", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1214", + "self_link": null, + "uid": "90201f19-d3fc-4299-a4a2-aca332291e92" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-1 Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06e79efbf", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1218", + "self_link": null, + "uid": "683cd0f0-9dfc-44ac-b46e-c78148e19f9b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-1 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06eaf9248", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1222", + "self_link": null, + "uid": "145cfbe8-7ef9-4856-b4cf-f0001e0f694b" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Claim server-data-cluster1-test-cluster-default-sts-2 Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts success", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06ee3bf95", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1227", + "self_link": null, + "uid": "e59f51f5-d0eb-4229-b726-98d1db91fa1e" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "apps/v1", + "field_path": null, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "resource_version": "1207", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "create Pod cluster1-test-cluster-default-sts-2 in StatefulSet cluster1-test-cluster-default-sts successful", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts.17b780a06f198f10", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1234", + "self_link": null, + "uid": "3fb7b81a-b237-404a-927c-52cf6a16a725" + }, + "reason": "SuccessfulCreate", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "statefulset-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:50+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "Endpoints", + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "resource_version": "1389", + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:50+00:00", + "message": "Failed to update endpoint cass-operator/cluster1-test-cluster-service: Operation cannot be fulfilled on endpoints \"cluster1-test-cluster-service\": the object has been modified; please apply your changes to the latest version and try again", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:50+00:00" + } + ], + "name": "cluster1-test-cluster-service.17b780a52bc733ad", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1407", + "self_link": null, + "uid": "292392ad-89ce-4211-a0eb-a7a2629fc28e" + }, + "reason": "FailedToUpdateEndpoint", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "endpoint-controller", + "host": null + }, + "type": "Warning" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1211", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06e489826", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1221", + "self_link": null, + "uid": "7ba031c3-0084-4533-b025-c2842ead249d" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06ef29aec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1249", + "self_link": null, + "uid": "dde21c64-ab1c-4319-9122-07b17eeb84f8" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-0\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a06f34d42c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1236", + "self_link": null, + "uid": "ce9ebbd7-70ec-4490-b651-1b12349187ca" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:32+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1226", + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:32+00:00", + "message": "Successfully provisioned volume pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:32+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0.17b780a0f24a67bc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1289", + "self_link": null, + "uid": "61c16445-7b15-48eb-8e23-755717e21bd7" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1216", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06e7b2649", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1224", + "self_link": null, + "uid": "68004291-8d01-4969-95e9-fd2b609442e1" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06efe266e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1250", + "self_link": null, + "uid": "6d176d05-4720-46d8-94d5-bda0666c1dd5" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-1\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a06f4457c0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1238", + "self_link": null, + "uid": "06c43b28-8afa-4ddb-ad9b-32ae9f664d9d" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1229", + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:33+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1.17b780a121e126d8", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1305", + "self_link": null, + "uid": "4ae95be4-0eae-4956-92c9-f05dc064bcb6" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1223", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for first consumer to be created before binding", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06ee0bbbc", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1228", + "self_link": null, + "uid": "b5416c3f-7ce0-4d5f-affa-fe11ff08ebd3" + }, + "reason": "WaitForFirstConsumer", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 2, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "waiting for a volume to be created, either by external provisioner \"rancher.io/local-path\" or manually created by system administrator", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06f841708", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1251", + "self_link": null, + "uid": "4c51198a-d64d-49ca-af5c-6d71d18fea84" + }, + "reason": "ExternalProvisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "persistentvolume-controller", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "External provisioner is provisioning volume for claim \"cass-operator/server-data-cluster1-test-cluster-default-sts-2\"", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a06fa73a23", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1248", + "self_link": null, + "uid": "5045f6be-2f45-4ca6-bdbb-a4f421d125e2" + }, + "reason": "Provisioning", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:33+00:00", + "involved_object": { + "api_version": "v1", + "field_path": null, + "kind": "PersistentVolumeClaim", + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1237", + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:33+00:00", + "message": "Successfully provisioned volume pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:34+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "local-path-provisioner", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:34+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2.17b780a145a9b68a", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1312", + "self_link": null, + "uid": "196abf14-5639-4ec5-b109-87a85b82cd74" + }, + "reason": "ProvisioningSucceeded", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "rancher.io/local-path_local-path-provisioner-5bb5788f44-7cpkm_5decbb85-8e4d-4409-9f33-7841251db022", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066874845", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1192", + "self_link": null, + "uid": "97a5d22a-895f-4434-9101-43fcc4823e86" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a0669f50af", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1194", + "self_link": null, + "uid": "0cca2b0f-8083-4312-93c9-c42725b01abd" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-all-pods-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066c4b8d1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1199", + "self_link": null, + "uid": "ca6a40d2-bade-4084-a30c-7d0b0880f212" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1189", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created service cluster1-test-cluster-additional-seed-service", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a066ea4c1e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1203", + "self_link": null, + "uid": "88ed55d6-8b36-4988-bcc3-0e659fe0fcc2" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:33:30+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1206", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:33:30+00:00", + "message": "Created statefulset cluster1-test-cluster-default-sts", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "test-cluster.17b780a06d762f64", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1208", + "self_link": null, + "uid": "c5bca11a-22ea-43bb-a070-e6fe76df5b04" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:03+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:03+00:00", + "message": "Labeled pod a seed node cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:03+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:03+00:00" + } + ], + "name": "test-cluster.17b780a81c8d4c8f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1484", + "self_link": null, + "uid": "998a1bed-463d-45f2-b01d-48efe5d0a190" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:08+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1369", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:08+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:08+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + } + ], + "name": "test-cluster.17b780a9469c0a3e", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1498", + "self_link": null, + "uid": "7fe54c6f-790e-4b33-8af1-8cb0489c44d4" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-0", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfc8b0101", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1580", + "self_link": null, + "uid": "3bd20f2d-8c01-46c0-ba2d-1750a96f8bc4" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:34:28+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1579", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:34:28+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:34:28+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:28+00:00" + } + ], + "name": "test-cluster.17b780adfd764234", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1582", + "self_link": null, + "uid": "ab2a8a84-00d7-4192-a06e-436cfe07dd07" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafbb78bd5", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1788", + "self_link": null, + "uid": "2bec650e-773b-4163-8af3-7c83189c4f16" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-2", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafc714add", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1792", + "self_link": null, + "uid": "f8695ae9-6665-435c-b47f-5a59274a477a" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:35:24+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1754", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:35:24+00:00", + "message": "Starting Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:35:24+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "test-cluster.17b780bafddb8a91", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1794", + "self_link": null, + "uid": "a9935a16-b449-4a4e-9595-0faa7fbdd5fb" + }, + "reason": "StartingCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Labeled as seed node pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a00d148f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1971", + "self_link": null, + "uid": "fa01b29e-301f-49d8-85eb-409b94f5e8b5" + }, + "reason": "LabeledPodAsSeed", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Started Cassandra for pod cluster1-test-cluster-default-sts-1", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a0e8a98c", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1975", + "self_link": null, + "uid": "8a7cdd6c-9e2c-4950-b4c0-c9d5ae5eb2ab" + }, + "reason": "StartedCassandra", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 1, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:36:14+00:00", + "message": "Created PodDisruptionBudget test-cluster-pdb", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a2662eec", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1978", + "self_link": null, + "uid": "da2043b8-26d5-4cdf-a5bf-9b0e4bd6a3d5" + }, + "reason": "CreatedResource", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:37:15+00:00", + "message": "Created users", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a7392ced", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2211", + "self_link": null, + "uid": "ef0d5f06-0ac9-46ad-88ee-6e0a27702fd1" + }, + "reason": "CreatedUsers", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + }, + { + "action": null, + "api_version": null, + "count": 5, + "event_time": null, + "first_timestamp": "2024-02-26T19:36:14+00:00", + "involved_object": { + "api_version": "cassandra.datastax.com/v1beta1", + "field_path": null, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "namespace": "cass-operator", + "resource_version": "1960", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + }, + "kind": null, + "last_timestamp": "2024-02-26T19:37:15+00:00", + "message": "Created superuser", + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:count": {}, + "f:firstTimestamp": {}, + "f:involvedObject": {}, + "f:lastTimestamp": {}, + "f:message": {}, + "f:reason": {}, + "f:source": { + "f:component": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster.17b780c6a739537f", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2212", + "self_link": null, + "uid": "99eff182-881b-4e69-8647-7cd0d1345d44" + }, + "reason": "CreatedSuperuser", + "related": null, + "reporting_component": "", + "reporting_instance": "", + "series": null, + "source": { + "component": "cass-operator", + "host": null + }, + "type": "Normal" + } + ], + "kind": "EventList", + "metadata": { + "_continue": null, + "remaining_item_count": null, + "resource_version": "2613", + "self_link": null + } +} diff --git a/docs/alarm_examples/true_alarm/generation-000-runtime.json b/docs/alarm_examples/true_alarm/generation-000-runtime.json new file mode 100644 index 0000000000..a561155429 --- /dev/null +++ b/docs/alarm_examples/true_alarm/generation-000-runtime.json @@ -0,0 +1,17 @@ +{ + "testcase": {}, + "step_id": { + "trial": "testrun-2024-02-26-13-30/trial-00-0000", + "generation": 0 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": null, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/true_alarm/generation-001-runtime.json b/docs/alarm_examples/true_alarm/generation-001-runtime.json new file mode 100644 index 0000000000..100eb0a663 --- /dev/null +++ b/docs/alarm_examples/true_alarm/generation-001-runtime.json @@ -0,0 +1,20 @@ +{ + "testcase": { + "field": "[\"spec\"]", + "testcase": "step-1" + }, + "step_id": { + "trial": "testrun-2024-02-26-13-30/trial-00-0000", + "generation": 1 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": null, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/true_alarm/generation-002-runtime.json b/docs/alarm_examples/true_alarm/generation-002-runtime.json new file mode 100644 index 0000000000..972a9166cc --- /dev/null +++ b/docs/alarm_examples/true_alarm/generation-002-runtime.json @@ -0,0 +1,36 @@ +{ + "testcase": { + "field": "[\"spec\"]", + "testcase": "step-2" + }, + "step_id": { + "trial": "testrun-2024-02-26-13-30/trial-00-0000", + "generation": 2 + }, + "oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": { + "message": "Found no matching fields for input", + "input_diff": { + "prev": "ACTOKEY", + "curr": "NotPresent", + "path": { + "path": [ + "spec", + "additionalServiceConfig", + "seedService", + "additionalLabels", + "ACTOKEY" + ] + } + }, + "system_state_diff": null + }, + "differential": null, + "custom": null + }, + "cli_status": "Pass", + "is_revert": false +} diff --git a/docs/alarm_examples/true_alarm/mutated--01.yaml b/docs/alarm_examples/true_alarm/mutated--01.yaml new file mode 100644 index 0000000000..668099ee44 --- /dev/null +++ b/docs/alarm_examples/true_alarm/mutated--01.yaml @@ -0,0 +1,31 @@ +apiVersion: cassandra.datastax.com/v1beta1 +kind: CassandraDatacenter +metadata: + name: test-cluster +spec: + additionalServiceConfig: + seedService: + additionalLabels: + ACTOKEY: ACTOKEY + clusterName: cluster1 + config: + cassandra-yaml: + authenticator: org.apache.cassandra.auth.PasswordAuthenticator + authorizer: org.apache.cassandra.auth.CassandraAuthorizer + role_manager: org.apache.cassandra.auth.CassandraRoleManager + jvm-options: + initial_heap_size: 800M + max_heap_size: 800M + managementApiAuth: + insecure: {} + serverType: cassandra + serverVersion: 3.11.7 + size: 3 + storageConfig: + cassandraDataVolumeClaimSpec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi + storageClassName: server-storage diff --git a/docs/alarm_examples/true_alarm/mutated-000.yaml b/docs/alarm_examples/true_alarm/mutated-000.yaml new file mode 100644 index 0000000000..e24479c1c4 --- /dev/null +++ b/docs/alarm_examples/true_alarm/mutated-000.yaml @@ -0,0 +1,27 @@ +apiVersion: cassandra.datastax.com/v1beta1 +kind: CassandraDatacenter +metadata: + name: test-cluster +spec: + clusterName: cluster1 + config: + cassandra-yaml: + authenticator: org.apache.cassandra.auth.PasswordAuthenticator + authorizer: org.apache.cassandra.auth.CassandraAuthorizer + role_manager: org.apache.cassandra.auth.CassandraRoleManager + jvm-options: + initial_heap_size: 800M + max_heap_size: 800M + managementApiAuth: + insecure: {} + serverType: cassandra + serverVersion: 3.11.7 + size: 3 + storageConfig: + cassandraDataVolumeClaimSpec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi + storageClassName: server-storage diff --git a/docs/alarm_examples/true_alarm/mutated-001.yaml b/docs/alarm_examples/true_alarm/mutated-001.yaml new file mode 100644 index 0000000000..668099ee44 --- /dev/null +++ b/docs/alarm_examples/true_alarm/mutated-001.yaml @@ -0,0 +1,31 @@ +apiVersion: cassandra.datastax.com/v1beta1 +kind: CassandraDatacenter +metadata: + name: test-cluster +spec: + additionalServiceConfig: + seedService: + additionalLabels: + ACTOKEY: ACTOKEY + clusterName: cluster1 + config: + cassandra-yaml: + authenticator: org.apache.cassandra.auth.PasswordAuthenticator + authorizer: org.apache.cassandra.auth.CassandraAuthorizer + role_manager: org.apache.cassandra.auth.CassandraRoleManager + jvm-options: + initial_heap_size: 800M + max_heap_size: 800M + managementApiAuth: + insecure: {} + serverType: cassandra + serverVersion: 3.11.7 + size: 3 + storageConfig: + cassandraDataVolumeClaimSpec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi + storageClassName: server-storage diff --git a/docs/alarm_examples/true_alarm/mutated-002.yaml b/docs/alarm_examples/true_alarm/mutated-002.yaml new file mode 100644 index 0000000000..c90b77d78d --- /dev/null +++ b/docs/alarm_examples/true_alarm/mutated-002.yaml @@ -0,0 +1,30 @@ +apiVersion: cassandra.datastax.com/v1beta1 +kind: CassandraDatacenter +metadata: + name: test-cluster +spec: + additionalServiceConfig: + seedService: + additionalLabels: {} + clusterName: cluster1 + config: + cassandra-yaml: + authenticator: org.apache.cassandra.auth.PasswordAuthenticator + authorizer: org.apache.cassandra.auth.CassandraAuthorizer + role_manager: org.apache.cassandra.auth.CassandraRoleManager + jvm-options: + initial_heap_size: 800M + max_heap_size: 800M + managementApiAuth: + insecure: {} + serverType: cassandra + serverVersion: 3.11.7 + size: 3 + storageConfig: + cassandraDataVolumeClaimSpec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi + storageClassName: server-storage diff --git a/docs/alarm_examples/true_alarm/result.json b/docs/alarm_examples/true_alarm/result.json new file mode 100644 index 0000000000..1709cbc27a --- /dev/null +++ b/docs/alarm_examples/true_alarm/result.json @@ -0,0 +1,28 @@ +{ + "trial_id": "trial-00-0000", + "duration": 409.6512837409973, + "error": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": { + "message": "Found no matching fields for input", + "input_diff": { + "prev": "ACTOKEY", + "curr": "NotPresent", + "path": { + "path": [ + "spec", + "additionalServiceConfig", + "seedService", + "additionalLabels", + "ACTOKEY" + ] + } + }, + "system_state_diff": null + }, + "differential": null, + "custom": null + } +} diff --git a/docs/alarm_examples/true_alarm/system-state--01.json b/docs/alarm_examples/true_alarm/system-state--01.json new file mode 100644 index 0000000000..d038b1b286 --- /dev/null +++ b/docs/alarm_examples/true_alarm/system-state--01.json @@ -0,0 +1,8503 @@ +{ + "pod": { + "cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1581", + "self_link": null, + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-0", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bv8fr", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:33+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6781899841b23cd996e6d3e8f3eb7e420b19c55a85ee722533b37956f1569510", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://b440f9849e6af66780de051ba270a0aad909c4cd5c45cc27b8ff658c4729a85b", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": [ + { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:49+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:33+00:00" + } + }, + "cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1976", + "self_link": null, + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-1", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5qwsl", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e27a1c201fa1ecb46b015512bae5ba8f2be69fe6b44c7fd88f737e19adc75e21", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d2138e6ad02d0ba6a187f65720347f0c8bc4cb0642a0e91d5ac1ea571ecbf725", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": [ + { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + }, + "cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:35:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1793", + "self_link": null, + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-2", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7nwkq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e7179b2542c9da5c579c4e790603e3c5e03996376593edaf03a3c352c35f8f43", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://bd3f0cf4edfd75dd626a28f884a35e447f2e5d07442d11eda98bc78348f602b1", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": [ + { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + } + }, + "deployment_pods": { + "cass-operator-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cass-operator-controller-manager-7f9b66678b-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator", + "pod-template-hash": "7f9b66678b" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:control-plane": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"e38b5d98-937b-4f7a-9830-ede14d9e8f42\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + ".": {}, + "f:allowPrivilegeEscalation": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:runAsNonRoot": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + } + ], + "resource_version": "1110", + "self_link": null, + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9c9ht", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9c9ht", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://22e35e1d8763c8d751ade2fb980f5ea7bbd5bf2d62396406e3dc2e5823f6a795", + "image": "docker.io/k8ssandra/cass-operator:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:f49a4c207c57d255a49829936c0742362c29e184f8ba7f103f33552cfbf52376", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "manager", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:32:59+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:32:59+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "cluster1-test-cluster-default-sts": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "lAD4DISuzU5/CLRvW5A/cZHk0E5jbMdJJWVB9+Ul1rE=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1970", + "self_link": null, + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": null, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + } + }, + "service_name": "cluster1-test-cluster-all-pods-service", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Ready-to-Start", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 120, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 0 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": "server-data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "updated_replicas": 3 + } + } + }, + "deployment": { + "cass-operator-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "control-plane": "controller-manager" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:control-plane": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:control-plane": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + "f:allowPrivilegeEscalation": {} + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:securityContext": { + "f:runAsNonRoot": {} + }, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1124", + "self_link": null, + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "control-plane": "controller-manager", + "name": "cass-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-26T19:32:59+00:00", + "last_update_time": "2024-02-26T19:32:59+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-26T19:32:48+00:00", + "last_update_time": "2024-02-26T19:33:09+00:00", + "message": "ReplicaSet \"cass-operator-controller-manager-7f9b66678b\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "b569adb7.cassandra.datastax.com": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-26T19:33:24Z\",\"renewTime\":\"2024-02-26T19:40:16Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2816", + "self_link": null, + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + } + }, + "cass-operator-manager-config": { + "api_version": null, + "binary_data": null, + "data": { + "controller_manager_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: OperatorConfig\nmetadata:\n name: operator-config\nhealth:\n healthProbeBindAddress: :8081\nmetrics:\n bindAddress: 127.0.0.1:8080\nwebhook:\n port: 9443\nleaderElection:\n leaderElect: true\n resourceName: b569adb7.cassandra.datastax.com\ndisableWebhooks: false\nimageConfigFile: /configs/image_config.yaml\n", + "image_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: ImageConfig\nmetadata:\n name: image-config\nimages:\n system-logger: \"k8ssandra/system-logger:v1.10.3\"\n config-builder: \"datastax/cass-config-builder:1.0.4-ubi7\"\n # cassandra:\n # \"4.0.0\": \"k8ssandra/cassandra-ubi:latest\"\n # dse:\n # \"6.8.999\": \"datastax/dse-server-prototype:latest\"\n# imageRegistry: \"localhost:5000\"\n# imagePullPolicy: IfNotPresent\n# imagePullSecret:\n# name: my-secret-pull-registry\ndefaults:\n # Note, postfix is ignored if repository is not set\n cassandra:\n repository: \"k8ssandra/cass-management-api\"\n dse:\n repository: \"datastax/dse-server\"\n suffix: \"-ubi7\"\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:controller_manager_config.yaml": {}, + "f:image_config.yaml": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-manager-config", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "961", + "self_link": null, + "uid": "73e2ba7c-3170-4578-a873-ada31f5f89bd" + } + }, + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "736", + "self_link": null, + "uid": "1d6934a6-c272-4b0d-971b-7b0d46c820f2" + } + } + }, + "service": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:spec": { + "f:ports": { + "k:{\"port\":443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:port": {}, + "f:targetPort": {} + } + }, + "f:selector": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "963", + "self_link": null, + "uid": "beeeef70-d867-461d-a10a-75213fde5788" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.2.224", + "cluster_i_ps": [ + "10.96.2.224" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "node_port": null, + "port": 443, + "protocol": "TCP", + "target_port": 9443 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "control-plane": "controller-manager" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "2w8oZMRjOchCUBFmmFQdqzZA+EtwqcC76HPC6uTI84I=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "ACTOKEY": "ACTOKEY", + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:ACTOKEY": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:37:15+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "2616", + "self_link": null, + "uid": "00b0d2fa-310d-439b-b427-39b249a2177b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/seed-node": "true" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-additional-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "08fmY5i8j4N9Ih3XJefcPdJzIhMSZRLxdHMt09popds=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-additional-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1197", + "self_link": null, + "uid": "13e486e8-b4af-4e5d-8069-8627f88868ea" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4", + "IPv6" + ], + "ip_family_policy": "RequireDualStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": null, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "KfxzJFWkJsi0aVju584rMKEgw1NQw25q/4PPXeWb4mw=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1193", + "self_link": null, + "uid": "358ff370-5a9c-409a-8ad4-6cb19ee410a9" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "veMcfmIxEezVk0s29xOumZv+nuuRE+2udQuOxKrwNAs=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1190", + "self_link": null, + "uid": "f7afd0c2-64c1-442a-88c2-f903a0e22824" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "tls-native", + "node_port": null, + "port": 9142, + "protocol": "TCP", + "target_port": 9142 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + }, + { + "app_protocol": null, + "name": "thrift", + "node_port": null, + "port": 9160, + "protocol": "TCP", + "target_port": 9160 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "server-data-cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1283", + "self_link": null, + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1301", + "self_link": null, + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1309", + "self_link": null, + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": { + "test-cluster-pdb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "N5O7i+zXqVMtvfYRMnksAOtwD64XnXhWx4ZtrExoAfU=" + }, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "policy/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"DisruptionAllowed\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:observedGeneration": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:currentHealthy": {}, + "f:desiredHealthy": {}, + "f:disruptionsAllowed": {}, + "f:expectedPods": {}, + "f:observedGeneration": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "policy/v1beta1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:minAvailable": {}, + "f:selector": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster-pdb", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1980", + "self_link": null, + "uid": "d836002c-7c09-488a-b295-d5a972973ee4" + }, + "spec": { + "max_unavailable": null, + "min_available": 2, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + } + }, + "unhealthy_pod_eviction_policy": null + }, + "status": { + "conditions": [ + { + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": "", + "observed_generation": 1, + "reason": "SufficientPods", + "status": "True", + "type": "DisruptionAllowed" + } + ], + "current_healthy": 3, + "desired_healthy": 2, + "disrupted_pods": null, + "disruptions_allowed": 1, + "expected_pods": 3, + "observed_generation": 1 + } + } + }, + "secret": { + "cass-operator-controller-manager-token-78j4l": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyLXRva2VuLTc4ajRsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTYyOGVjNjUtMjM1Zi00ZGI4LTk4MjgtYWI4MDQ5ZTBhZjkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmNhc3Mtb3BlcmF0b3I6Y2Fzcy1vcGVyYXRvci1jb250cm9sbGVyLW1hbmFnZXIifQ.MXOf_QvpwuQk88mZTM2c8BVZ3x-KieQiLN2Rx9Rss1cj6jYjH320QPtBRe1qZ5S4Dkkz4eUg3lHrX-rj4q_0UHz-SH8vKeXMyX8dxkwZHcS00PAEtCIlgKC-WzAPqnaKdY4duHZUnA2mK2Bd-ewwiOdFLO8hf7bR11JXdpj0t9T3SZrw8WnHCMPmAdgaF8dM_QDhU2n9vKlyh5-6J8-g6mM-ebtGOP26j4x76P6hECgtxD3xOzVIzV_rWRaxHT2Bl3IPTZ_rK8RtU9Vovz0YVWbr65EHDXSBs5oxeId4iVZywCN_4BMJ1zL36S-Gc6Bm5mMtWyiyXrK7fXN8sMTCiw" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "cass-operator-controller-manager", + "kubernetes.io/service-account.uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "954", + "self_link": null, + "uid": "fc2c5c76-6bf8-4dd5-858e-15718ab80648" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "cluster1-superuser": { + "api_version": null, + "data": { + "password": "lgA50wzRdKTOoZjU2DbbqiTljvOlrKE2CUxGcTMi4CsjCQ5KfcM0Dg", + "username": "cluster1-superuser" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/watched-by": "[\"cass-operator/test-cluster\"]" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/watched": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:password": {}, + "f:username": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/watched-by": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/watched": {} + } + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-superuser", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1979", + "self_link": null, + "uid": "d70fb378-1971-4597-836f-222a7c423688" + }, + "string_data": null, + "type": "Opaque" + }, + "default-token-85zgl": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tODV6Z2wiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImIzZmRlMDk1LTc4NDctNDI3Ny05ZDY4LTFiNmMyOGZhM2Q3MSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpjYXNzLW9wZXJhdG9yOmRlZmF1bHQifQ.oDBiilLn6TaBtuduVklCDCNa0UIM_qwI-y5GEvoM_kgUDugNiJj8x5elLWbS1BklUEiLIYPGdDZyQWnEtuJO9kNAEqKQrtIlYxKy3T1uaG_JZ0tFkUa3yXAisNYZnnX4ZYjFDCycUtVP8TiF2ZV0iR900tLL2TWM7jEnacKkIOviL2zqiBTD5v3d33aj9KXQwGMT1IMGDKX4x1VIySiDRHUS03ogGaPijilw45v0lWN18BI3vRtMSwuQIsaE8knoVKavm4AurK80rVP6Tm-CHNqWTiOnZ56lM11lnDVDsT2agXjO52MYV0TQkYVKgdq0YgUYf2rbBxpvQ4tTNqTS_A" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "default", + "kubernetes.io/service-account.uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "default-token-85zgl", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "737", + "self_link": null, + "uid": "4f46c8c1-ec8e-454c-b261-48c03c463f85" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "test-cluster-ca-keystore": { + "api_version": null, + "data": { + "cert": "-----BEGIN CERTIFICATE-----\nMIIF9zCCA9+gAwIBAgIQX1+/mcEfMJBDyRV8seUWAjANBgkqhkiG9w0BAQsFADBp\nMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRh\nc3RheDEzMDEGA1UEAxMqdGVzdC1jbHVzdGVyLWNhLWtleXN0b3JlLmNhc3Mtb3Bl\ncmF0b3Iuc3ZjMB4XDTI0MDIyNjE5MzMzMFoXDTI1MDIyNTE5MzMzMFowaTEyMDAG\nA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgx\nMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9y\nLnN2YzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPjypL+aX9rQ6gjq\nWkdsYubR8oVk3VcL4rb4zO0BttU0yia0mB+iBYx0Sjc2YBeTpP6j2J3THbmtU8+F\nh6Q9Gmp0egJiElSNyzVZcLaReCi+2P9rYrWgqz9L8QzLB2hOBhQ3Tn/iL4fkiU0l\nP+veI/HutmzYXQhe0gWdMtip5rVmOxwupN53dhupOAW4cOB05cBEim23mmG2g5KI\nPZ1Qog2FytOWLgcVLX5QyRUwkSWmPDzaFA/c4BHzpF0y4B9Gf/pjkUvAYF2uD64C\nZL/dxk5++9DlH7lD8Df5If3lne6scxlKLes4b1aevgD2yJNSEQnFBdzPGh6jXmHk\npaWQbMY8Wzbc+3HWUIfYvq9YMQXTZkn9A+lF8fTnOeY5gbpmYy/0Za9e1T+YdP5Z\n2dI9nPi6kWciiIkT9bOL4/cvFYFZqMoqbmoiXW0X5ns7dajeto63RT/SDos0FNqp\nwVylcsEesQM3nPAWgP2H4L5cOYt0ODAY/HTQ4gX942SzeS9+0ptGCdx7pyzn4N65\nXtZbTf/Nqn0ZWwy5aAe2j2PA1/XUUJ7VI5X9VbH71bkStmMwBwSkijkeLeIws4He\n36Mwm5ZQSPond4GMQi7Rvhw1Viu0jrW+R+3VzvYZqW/ucUhY8K/vQh4jWjtIDE8r\nyxOxe1UeqThK2hVQC/7V7quKBXXlAgMBAAGjgZowgZcwDgYDVR0PAQH/BAQDAgKk\nMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\nFKihpplWTjvB13YVR/+rJIXDDySlMEAGA1UdEQQ5MDeCNWNhc3NhbmRyYWRhdGFj\nZW50ZXItd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjMA0GCSqGSIb3\nDQEBCwUAA4ICAQB5mrJBCJW1YzHSfe7h4OHvbqJViIcEDfhdz43+4tRheS1+t6Lp\n78LAT7ExsVzbe7de+qJgQVaG8RwXTS0mGmowrqb1xRvIM6nYvNP5NurL7O988gwQ\npZFrJwzGftnqQurTARGPTFtIkm6gSJNXH2Fr+amO8CPTTvkvH2Rt1VMHbsnI8/N0\nTDsKs4ohYYQfUPp+F/hT6EPpSURMOGa0zsaYV5oZnvVnxSPn80HBhXBNBOA0Dh7Z\nwqXCiAm1L65zB8HIe9fHxTRMFc7cnVOqnCDDSrfu3yRvj6HcGqjX899e9SDklW6R\npupvRhJeZW3a9XoH5oMzYcfdQKFmTwhGr39TMCfdTbNEyGQmEtJiqLegddBYGuDm\n1KOys4cTuamhoXo8NoQN/p9oVzCBqVasv1fER01fX+DoN3lWUVL9Xalqzv1KZd8w\ncJB9VJL2cfWg7/DI8ZcSk/IlzEenglB578Kg5vTCgcCMpYbjzkJGXbWD49Z/jZ2p\nxp0RtKLOIW0cdzETxwIpiL0vfeyJ3Ri8KKisZskBmvmog/+GSyaCeNsFMU9gziRx\nXfvdzd9P0dC9FfSigm/uQ2FHSWaVASwZ4MKg7zozsDHrAHZPdwfelmyB4cntOaYU\nIQ7YMDs41bCU+CBwPLNc54Y9gC+HbfBehM3Zt8Xf4CiQ7/1yK0pttiLaQQ==\n-----END CERTIFICATE-----\n", + "key": "-----BEGIN PRIVATE KEY-----\nMIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQD48qS/ml/a0OoI\n6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPP\nhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlN\nJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOS\niD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+u\nAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h\n5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+\nWdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTa\nqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+De\nuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB\n3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxP\nK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABAoICAQCEecL3/zOBIulXwzY1idT7\nlb+kAq/SkY2c5rtOaDoeLRBiFnpZYwPm4T9ZMENkaHpF03UDT4Qi+bx+00UCPk3f\nVopS2FN+0VHQ2v6i+LhjnmOlUETf+FcIwOXOdABGHjcX7PKGFRxMCW6TMf5ZCwY/\nyVMkiuK/AI5s1GFpcMhHwdY0whGUHSgpwhwA10yh9TMJ5K9xgWHTG6fag0ueenky\nDv+HJwTpWfiynlTTRNwIl/S4QSip5FUM2IWf3uHrYr3ZxcBc+kuNroHDjJyGiYLs\n5KAmYrdGBIRBlP7kuJsZloVNcO8MnCSLiL/9jVXhJ6vPchwTi9YPdcpU97K6byei\nLWlrtwRd1tLzgH3bBkJ+BhAzKiCwd8jYaBuAK3jFK7r9mjy1niBAbLhsbc6KZrK9\nRQUegurjmpyoi5k2WyApgWs3cMCXje/0vuDPvMwv3+vWXsrlL8dGwsTsMaLrwbxX\nE6KXYz9uO1wL+Jy4cOp2WOGle1cCHrewEYB/VGs0TBTNSz8O6ebR9g4ucFwnFq/7\nd9mRRDef5+hF7vwaeG3FGDgXJcqf99TFpj1rXukIrVxhjVX+hNvegn4UhZ/FJWum\nEtP5MOs+hzq3+bgAlSyeaNqqPmM6r+R7Zl/OrB3PXmdrYStTP3NRTq3hrBIGDeVz\nqaRH8eBwAFPud0A6hPv0AQKCAQEA/9yTXvaugYTk0uvVckwBQoFgzaRIJXV5tpui\nKsY1Pxn6OfsKqTVvfW73yYErwglDK3rGrLY5jDk69BSywdhW9vQl/q290xMJyGeb\n3EsYEdlSvP//npgM7UJVVyfV6bhUY3CiMt1pjyFkdriiKh5kEXB+wT96oyxHRzLP\ng224DS2NGOfkW9VMLzTtJ/W8bfO2QG9FULnEgaSbWRzLgKaz3CH1DQOXKiJdBCBm\nVbprVt7hz7K3a4B8xuANddt4YnUfiYod0LabMClt/7yE/dGw/fX7UyHKzrxPAVt5\nBE9PaW7a8UUtp+i/oi6aqibw2JBMxeGgNse+owFVCMDYTKc65QKCAQEA+RUcVBEp\nhFdnqCf9Zzc8mWwVpOGh9dIqXS7fJ7wUpFSKieaiBEdZNi8771jn3OGzyMgpB66D\nuY/GCm7wL0RAeek3CjaxAPazgbj5tlt4b7NeiDY7diIcOM3nZR5z2yb2eAPR1f2Q\nW/luLdD2m5FZQxV0kiDXZrmbjv7bE8Pn9uGn4tRdQTL0+2kTSywbEs2r6IZefePL\nIbuzx2SQTe6cA/Zhgg3hfS+5ZJbmUQvqLWc+NMr4WdUXQ4TYXjV7fZyc8YaQ9cZj\nIzD5sPtA7Y96fVUx4oRJGhdCqcqxqFJSGz5QzrIDBqT4lzLFh4Xr9KWUe88XfICM\nvY7rKtTUogKfAQKCAQAfKpAs/iFtl3GEG8QJQybYIghXpE5BedjUnIqZaUFtKU3o\nqCK5T8//2HeIbRqWbShocHEo8p157jK3LppDsIWPWVgTeLhpsKT9a1l58Q/ChNVm\nPky11dGlSPI6Rpjw+koVPtATIBNOowOozn66YK9RzIE0KvZWT/tyuca7PK8xs72/\nLegMI6Q/D9RfjLhiMFCf8q3f0nEUVaeyqCZFyoiYJO7Dog9Uy5DHAudUQ/v1PfsF\noMBk8ObCFuKs24oDfD7WMyPEm6m1qSZEA4Ozo0pK9R6jFresjRWWlbzdAIgs0JsM\nzp9sF5bYO5MNbObjilg/tmccpSIcmvnvsgXm+GvdAoIBAQCEPz0nNWWBqpaSpYjZ\ngG5gVw622EWRquBrUTOSeT3MckaMKTPkaa1oI3QDBIU2tW8rL3r5ZSLzJu7TI0vL\nDMXe9IAQoDEifdmZCokq1S4AwI90arbvZfTuBATTn3OL7Af4eK60m0hGTQy+rrAA\nsQ9fmsilvWIgXHPHXHEc8Wr7nZvxxycsMs33njZsNyK4vRKFBrKszIFRi8NMHoyv\nk/yp7eqfjpcmTGx2h9gJN/ZB3QseJJXvvD/5zVLD0kmay8hYREY69/Yy/RHVcdFr\nUD6MxOsThYD6pVbzp3bkE7EcXd2xoLoSkQyb2o0eA3DgF/naMn4Z0HbpPjSGLTIo\nQpQBAoIBAF8VekmSHpdQ83n5e+qh11niQqAMgUGTx+ysZLJpBOd7mCXF2x1CTj5X\n1G1QKK35H5Pfk12n7qQ+Kokqxs4l1oD31EIkpWbKVW4KUkWIaA5QAWSwjfKb+WyP\npHyCA0O+67JBqSeJa5+VIVaxtpXCDKc6L3Vp+dkx0zzcb0jFTcyIQWGea3JtB29Z\nvsOs4wVJtWTr0yiwhOS0rq/jnhjEcdfUWqvkt6nZ5djGIi7WP6biT3DTriV+1TSP\nlD5H04K2KGKYeYJeQoeGicOKBU77fmth/IlceEv3HiIrNaP1/xHZSGjdCbhPi8q8\nK/noZDwAYuMSlWygyJgv+nGkI4P1BV4=\n-----END PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:42+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:cert": {}, + "f:key": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:42+00:00" + } + ], + "name": "test-cluster-ca-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "092210cd-012b-4880-8be0-31892909c652" + }, + "string_data": null, + "type": "Opaque" + }, + "test-cluster-keystore": { + "api_version": null, + "data": { + "node-keystore.jks": "/u3+7QAAAAIAAAACAAAAAQAhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjAAABjeborQAAAAmHMIIJgzAOBgorBgEEASoCEQEBBQAEgglv9f5XKDWJsPMHaGZN9azx/zCVpVkEHO1IR+xJaay0NjuPlDn3Ffjy7zqOyTV/s+xIFNJJKokZPeJl4QGfxG1Odb8CCgVFnO9Msugy3DbrIDaIAmH0d4Sl9MyTxuGJxLX0ZhCqlBwwYjHIG3W1r+sQ1nz1nyjErTwmmbkF5Mgnqqt4YE9Zvyn2eTakG1FNXX+8M3c8wZyzrgKModYK+n5DPu70UkM9OSzWCA6tFige34NGkbCKm04Adjix6OP6xkAzG+KOrF7Pd7dVRUsdaRbEXsgq1sjzI0DCqo2RnTQc0O3FuzoP1rxywO2wSS8UYs/bX7CZXivnaoIVmPDuzzboiGUgpIiTMjOyzGDWkecIc7XU+aDJWEsKh2Ws98qflPMkU5DxQmtG1SQAjmNsz2irBJSnjOQf/4iEu/QA0GjL/4CAKukX2U8GbbAxYjVW0n/aH6fLHLWkmViqVFjkOX7wBV3bU7CU1cSBGz8Vqo27lgBQpHgKURnvxV9wIYHdLOD6ZOPAIfEErQpqkHApQSt1RhtQV/eI4BXig+z2B+XAY/re41wrwEkgAxklFg/5pK2T9ZnIxxB9py9kaBbg+WSc7acVuFAhI7IdTXNb4kVxNdEV0rxwCP1zZOZn3dClq1MtwiZB9/t+oAGfT5K2kxpRPTAck8NRKxQvsNgFrIqjLe6zJgTWKGUWe9Y1PWvBz5P6+gCv76SGUg7cm85HmhLJBIpElORGIK5O7GcrCqseZDqi/SsoW/e2m3+VWQRjPPexslcVnRVkIN+djPp22UVyAh1ebd1YlgioIVMkvCyuYKgQlV48VvfkPhY/iNtfy8+dH0mwVT1eHw6C6Dt89Cp5XOYNesBcAqOdIZmPNfWZyQa2BwnT8TjQeV6ojxx5WB2fMMruXDLTB0a9vTH5Wd041dJNm64KbtJCGsa9zsm6zePvvU0/K6FxBYAqTGAlzzju5M3oUh0MPgcAKptRbAlPl3C2b3yS5ydnfFX6UKu78ph46XP9MiGw6Rti+YOK5QQOTPzcPvaLsu27LMdYR9nO9epZDHoD1HfLNci3TVBQY/1AbyCArpAz6lgvCPZ9o+JuI890X/mH4LDRO2+1DwTaPb/QcaV9bng9Lw0pcdnbUezIR/xFIW+58tmg+gqe8EaplRa7yaGVitDhTQF2Kq2wl9dqTVzgDGqNcuBCpT6BAAQKv9jeMb3KCqXFwzGPJLCzsN26vz/R5GnSIADSsnxWf1egqr1wKdSG9BnFkoIuC55PvEMVrUKKpVbT0Jmk8/8F3umhSUGh/MNtUN4eqClm8VhZovXpj+bRvY4RQ+NtVStA7HhdO7Tj7lDY9pVlKKnRkEok2h/2r1WE0H/aSFxzU2v4xyy3hEDGMXga9CTIxTGHDEUwDC3SEHzCIYIyL3zur5dFM5W2RYAggNwWyXIn7z6ux0M72tpkdCLNCBH86qE1fnAoqRaj/ZWl54WU9qQqEcKeZjy8yF4CSdtSuVOdvYI/AU8py2lRYUDUl+hSemPUTpv2SYRhqGxCw39Db8mUoLZjKs2/wANf/uV5JWj7hif9T8w1AwxHUXTgu+IurmmWCuqBkEXiuekpNpNi/SMxhmyE/0OOXAGGViKa8ionEPek1GFXGSTnEg28IMakDxn1sw0b7pbMBazq2MGI3z8GbUvTmKA+qAK7dSjCIN/UyEBVt88FJOGZFngAEHJtf/YgYgN2OiMqwvrEpR6vjOAAwrdpgSl2rR2UOSG6XA7204qr8lM6oabNUC1Dj9OtrCjHtE4RFwlb+aOK8XHkxDKievVBI453h8tjcAiEQpm4qVFP9WyiHvpJ+Z4QTp9GfQP6etYC2b0u/UtUgrhTWgceAk9SrfYdNaOxLdHCKKXernC42MZar6fLNa2Dicm9x4ElI1p44x/pgrgQsvz0IbtpHgradj/D+e+3awJnYVRYnayH5JkWlow9gi3/hUEq5Eat577z5PlFrEEwq2CMPNNzzV2bsfJjBs/7oHsv7VEZYF+OJ97mEMDftgfGts1gkeG4HyA4dAmA8sxIsfT2ukLtGLvqUtafQSRqHwOWPfVznU7ddi9ApbIty9VjJ/NUKicr01M7E5Ba8CXcKixrwRDjR+cvn3fzcFtAewIjK1z60LLD47q+2gBNtz78O2gi/oqKJOtw3mGWSsFLAOmGgzDf9EO32atVQZw1uNceC2+beP9CsI/26bxH0/U3zxXLuYrdDGxEwSgRY+CWRAMyz7czva2QVMUXfVq1gTEz0ZauZfdaGEizDexoFM+sXH52ZGjXeI+jhQGIjPtdJ5cTCgzcOpwjoHDFXxHzVH5QBk3TJOnB6B1X7PtcrmgexOq0IL7g7qQ5zZlgpwc9Dm6Rbe0Iqo+N6XN8QR78qdrht5/PJs94RzwjuHyHYBbzFASBogR52Cemg+/NkHfb3Ct63roTJyzjdzT+Tk6jQXXSdvvffVcAnOTDkTC1v/TaHTrbT10P5frX0n9UZ9XFbdfQG6ad64px8DbLKs9b4utbvyB3CrE5UGrEyFIWc2FnN+OqAMj2f5RkxEoelwRlIKZZDDFIUbLnz4RZ6feZ5VW9Of/YddGOH4KkMiELY4Ufw5xl//7v53MoKB4NU/LVCxF+m7CdKCsNEYZ3hGzrlpeh54EB1VkiG2Y5t6gy2UCcGCWJSbdi9/sHsWkANt3yPpz0J4FIUtnF17xFWMYSt528Xn6bIpQaIEmLZzM+6c7QaOzISMWKmtosuUdH0xK5F3T/4EoHVZnDEOnsHc0qvY0gfyxkxPq0TWFM2dGDzbk6EZwXLV0wiYa+sZO4JYvRPpzrjER7W4xgPgrGbJHXml9EsbXTXILV8A2ywtoOFDt9Fws8deZrQWuNwhMcp70/Uh1RMhZIyIuJ9WJZV80YSzdr2K8C7pVDPfimhTZ9fMgstMe/vQanfMIDgFA332j4X3XUuCRq/hAJ9+mzyt+RqVt+BKlhsbUmKkc34FZNGy8nAN7dLawLdJ/yFPavH6NKWuAO9GajgavBlFyRIlICDwf5zhKOKqDXLjzS+1lDRktwWQHWLQ3P5NuO9U4uLTvFu9z4PvKwqmoXc95BGHc5c8NgkQsb4EMv7T9Ln+fd2ztI6s+/VAlGbvlk9i9KQjjKJtDCMX90AFOQ9f3HlltDj6ATn3wKipwTu2APB77oZYG7SuZtEkhpTBT+ORJXktkrnZrIUMptVWsI7z+ipZa7ko4ASoRNAAAAAgAEWDUwOQAABd0wggXZMIIDwaADAgECAhAMLNdBce6CO4Xx9KDqtCYPMA0GCSqGSIb3DQEBCwUAMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwHhcNMjQwMjI2MTkzMzQyWhcNMjUwMjI1MTkzMzQyWjBgMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRhc3RheDEqMCgGA1UEAxMhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtmr114IYH9WN6qSrBjSIuP3XP2m4vxpLw4Sl7u8bV19BeidSTiWYGa73fqAQ4uYSKfHWHrOdmy0s3C3A8FM1C7O3Z22yHIVlBVeBA2zN0Gl/E7m9+/qsviT5PwolT53MoqfOIQPV7BWsSdBe2QBJQmHsCj6dfPoWWqUab16dkq9mYLzBeANvu01R3YyJrKPk/Sg4s3kPryOcrH2B6si384ZnVCkupDp+S98rOotw5pW9wzpFGX4/Z1X8uq6o0FTVdL+K9y1i+ZroUaYbRDpwTc6lTVUN5CHCjFXuyavBYy1Rb9ugSehhBOCVtZkXNzln6RGVrG9Ae77vfaZlaK2vM4rDSC9oOQ67IYAQBvjuwea5zpR4NloJ29hgStjClHrXqzt6YjKEiC/JJB7E+S+ebqVw+1yEF5XhQ0mPo4prPA5eC7XWmarNTABvDYdid/95CwN263bLSQwjAWe9IM0M7sKg/9M6ibkBR6prc7CkaFSyiKdBKUSivwpCdnmpCdaQNjpgTEKMx28iJKQuK0jZZtfN/FiaVIuCIVU/1sgQpgX5RcG6V/Op0zeduoR+AryXYnAGCVQPYlZJ4hVKGiSvf6kXGtOLOOtsWebGVgjOANpdZqu97Jb8tW9xT5Ao7SiuXoY6oa4nneB9zQoG/YcgGfuuxz+jX6uMjRP1JAifF3sCAwEAAaOBhTCBgjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSooaaZVk47wdd2FUf/qySFww8kpTAsBgNVHREEJTAjgiF0ZXN0LWNsdXN0ZXIuY2Fzcy1vcGVyYXRvci5jYXNzZGMwDQYJKoZIhvcNAQELBQADggIBAF5sL8ARkf7L5VIZY0J4LInw3Ete126ljRPIF7MfuRJfzWyqrzeCNIdMKkW58OzVjJ8dhOFhf8wCZTJbrNmIvnOYo0CJgPq6Ko5Ie9o6BthSx9S8BgoFFO6F89FPOPjAMf9rUMHJef/E5uPC4WaxfTlkxzbbxuyZe2do2RtXkY5MmkQka4hqpptb4uc13ZtDqc9lP9fehB5dSplIyVbTc8JH/CSZnj9E6gSYKQSUgZAWtLPHduB+SDxLJ1Rz6iQiJrrjiy7RXgkRYzyDZGejh9lUh7F+kE9+9k9r8/8tBjbIFo91kZTcm5wxdZhhXQmIiGWaOFacaqJ+TVhR+vwWc/VRVghmzMe0Xp1tmXOqsZE6H7P8sAdpkWou82/nhlPf/nq4VPy2JtR63cmFHM03RlUDviSsdJhN/yINdxXNV8iqfvsVzzuXZ8OHF/1lV61+iMZkz6HAeh07Ojk4zLpOJzOn756BfOjilUVkWx2pDMHsObW/YhW1wckbjyIuBtqqAnSHl68AUjojyhwJoQr2erZtSKSL96T6naDJFJaSjYvxDg748hyLXx2sc1dwU3hXzoqiQyrBedviY6kqZuv4eKxFas0nBvctmiDO/fTV0sB8PXOMryHDdYQgQKnKmECOj/clALF+r48a3i89vLN6VcsC2QHgrPQZauZqi87ArHVkAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kEAAAACAAJjYQAAAY3m6K0AAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kERsiTgKA05ZI/7bOerd7z0t94fLg==" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:node-keystore.jks": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:44+00:00" + } + ], + "name": "test-cluster-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "709ecc89-6979-4106-9453-c2705d2de5f3" + }, + "string_data": null, + "type": "Opaque" + }, + "webhook-server-cert": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA1OjQWHoDgc+PQpwrcJHxa7IP8aji7Vb6SoIi06e3KAbHicna\ncaHqSg2jSqo3JfXc6vXJKUazRY8KmGzqOagf8/OJ6b6KhGc3RBUQste/pYjy6s1u\n0uh6cuxnIqusrZJf1MGdjDduOGpRsjeCb/9sifvV+Te0dn9ldiMoNs/VyI5kMSTq\nHNvCmwvcuE1xzc9WMaYPndVvkYSL7Um1puhY/W66RfOeJD40iLCyOddQ5izumi13\nJooinfsG7r79n7m7rN997KkGymiHhzT2aQqD36eeJYDnBvHjfrDaX/a3ICczQ/GS\ndEO+RBUpHS2e9cGS3IWMRokYSBE4SmgJCR7PAwIDAQABAoIBAEW0MwHEcIF/Qpe8\nKTyhiziHA1FKyYCKiUb7dAt3TS99iLZDr5CkQeActukq8QMsizchYMpyqx6Kxh1B\nCy31LQDhKrWr/A18/Ur82oqyt7uqKl1VBINoOS6G1v0y10W8NkOhX8MYIq21oSmH\notyn8xD5sgP1iM+CxeT3faL0SDlwS8ZhgyDeU0YzW8BsXwID8HQHjL/O2U+kst2d\nhdieDLl/6wuoqrq6rw33aSrfE2VWNWculaZ7MMq0DAOkoih4SAhSXjUc0bDXxXS8\nDZC0pGHJXeb62yr420qoq0XJbzLDFA2VOMLd9AEh977MxHSaCTRZA65vY6EicZQA\napYc0wECgYEA4VlZ8AJvA8V6tnz9RpnGzIj/scEDUu0JspM8w614dKvd1bH3ySsA\nbvWVKFfMFZhJ98FvniX2oVLuohYguJYjeO6w3CG8qEmka6PxUBwWVUQXrFcqGvM2\n/MnY8n0Cx6O3MwAtvxLq4hQrtoawmhbPHjc4q8TfiwkLeYBjV/yRftkCgYEA8d5Q\n4H5wtHi1lqDGudOXr1zEI1vSxEXQ6oFfLsyHTyJDJDOIpEDD2/92g45Ujw7GM2TQ\n+cbp5aMwAzQNfxs3YFNX+trT2jxPZHjp5ejlCkJwEUz+Yj9mENqYQ7qdx3ElqKH1\nxDPVDjbnbsK5Tik54Rj1665L/Cd4EDo+viS1SzsCgYAkFWifU+Ru2CpEGlN8AJei\nnLVEw0FDAA2zeHwcYSSOmg6Vbz/cCHSzT8OoiBZ3xsDhWSoEStPpFRx8+8oVhIT9\nkkrjlMterxwS2FeFmlnBIXwg7nwhgJxncfK5MWdGjGKDWh35IJBXzx8IxRx2L/zO\nO81pQ8b/vl0GAZbmudyaUQKBgQCinveB+YGN1htBy5fSGZJDNfwqSfLMRKTTB2kX\n7iyL6F18WanlxiXqJTlp+qigBy78Hyziw/s/ixkdDkKE06fH/EGLSNZoRWScCTA6\nhPx6iXEQMNRY+oeFjXQTFcY/8rN/TmYQJUl65S92KTaudsmTr1SpwecVAvSW9JJ7\nBfNfQQKBgBlQtuzoL63QXunf2MS9+gLbWejrJpD1gtFcx220aYmo4I5iWylQWuIz\nZPUEbqzhO1bSclQUvkMnNDRZas2w1HGbIhbeqhVKAN+vk4xo/kqStdAkLoyByMVv\nGAUehndHgd6d72Sg/PT4prhWAtVrpriQ6i0pP6l6GY7bmX+CO9R6\n-----END RSA PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cert-manager.io/alt-names": "cass-operator-webhook-service.cass-operator.svc,cass-operator-webhook-service.cass-operator.svc.cluster.local", + "cert-manager.io/certificate-name": "cass-operator-serving-cert", + "cert-manager.io/common-name": "", + "cert-manager.io/ip-sans": "", + "cert-manager.io/issuer-group": "", + "cert-manager.io/issuer-kind": "Issuer", + "cert-manager.io/issuer-name": "cass-operator-selfsigned-issuer", + "cert-manager.io/uri-sans": "" + }, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:ca.crt": {}, + "f:tls.crt": {}, + "f:tls.key": {} + }, + "f:metadata": { + "f:annotations": { + "f:cert-manager.io/alt-names": {}, + "f:cert-manager.io/certificate-name": {}, + "f:cert-manager.io/common-name": {}, + "f:cert-manager.io/ip-sans": {}, + "f:cert-manager.io/issuer-group": {}, + "f:cert-manager.io/issuer-kind": {}, + "f:cert-manager.io/issuer-name": {}, + "f:cert-manager.io/uri-sans": {} + } + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "webhook-server-cert", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1001", + "self_link": null, + "uid": "095a3203-e6c8-49d3-bfc0-05dfd4d04e3c" + }, + "string_data": null, + "type": "kubernetes.io/tls" + } + }, + "endpoints": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1121", + "self_link": null, + "uid": "e405ae61-fa76-478c-9ccf-bf8396a4c870" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1110", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "port": 9443, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "ACTOKEY": "ACTOKEY", + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:ACTOKEY": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:37:15+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2205", + "self_link": null, + "uid": "7cc8c8ac-fd3e-4931-a465-36e3fd454685" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1976", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": null + } + ] + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1968", + "self_link": null, + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "cluster1-test-cluster-default-sts-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1966", + "self_link": null, + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tls-native", + "port": 9142, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "thrift", + "port": 9160, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "cass-operator-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + }, + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "738", + "self_link": null, + "uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "default-token-85zgl", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + } + }, + "job": {}, + "role": { + "cass-operator-leader-election-role": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-role", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "8885366c-484d-40df-8586-c27476d9a5f3" + }, + "rules": [ + { + "api_groups": [ + "", + "coordination.k8s.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "configmaps", + "leases" + ], + "verbs": [ + "get", + "list", + "watch", + "create", + "update", + "patch", + "delete" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "events" + ], + "verbs": [ + "create", + "patch" + ] + } + ] + } + }, + "role_binding": { + "cass-operator-leader-election-rolebinding": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-rolebinding", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "957", + "self_link": null, + "uid": "86e9c8c8-1f9e-4033-897c-e2133a6aee61" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "cass-operator-leader-election-role" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator" + } + ] + } + }, + "custom_resource_spec": { + "additionalServiceConfig": { + "additionalSeedService": {}, + "allpodsService": {}, + "dcService": {}, + "nodePortService": {}, + "seedService": { + "additionalLabels": { + "ACTOKEY": "ACTOKEY" + } + } + }, + "clusterName": "cluster1", + "config": { + "cassandra-yaml": { + "authenticator": "org.apache.cassandra.auth.PasswordAuthenticator", + "authorizer": "org.apache.cassandra.auth.CassandraAuthorizer", + "role_manager": "org.apache.cassandra.auth.CassandraRoleManager" + }, + "jvm-options": { + "initial_heap_size": "800M", + "max_heap_size": "800M" + } + }, + "configBuilderResources": {}, + "managementApiAuth": { + "insecure": {} + }, + "resources": {}, + "serverType": "cassandra", + "serverVersion": "3.11.7", + "size": 3, + "storageConfig": { + "cassandraDataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "3Gi" + } + }, + "storageClassName": "server-storage" + } + }, + "systemLoggerResources": {} + }, + "custom_resource_status": { + "cassandraOperatorProgress": "Ready", + "conditions": [ + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Stopped" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ReplacingNodes" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Updating" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "RollingRestart" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Resuming" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ScalingDown" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Valid" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Initialized" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Ready" + } + ], + "lastServerNodeStarted": "2024-02-26T19:35:24Z", + "nodeStatuses": { + "cluster1-test-cluster-default-sts-0": { + "hostID": "0279ff8f-464f-44ab-87ec-5e61a4ebab0e" + }, + "cluster1-test-cluster-default-sts-1": { + "hostID": "767e4881-4f9f-4375-a503-8f1496778265" + }, + "cluster1-test-cluster-default-sts-2": { + "hostID": "6488f37a-d640-490b-b66a-3afa7d021101" + } + }, + "observedGeneration": 2, + "quietPeriod": "2024-02-26T19:39:28Z", + "superUserUpserted": "2024-02-26T19:39:23Z", + "usersUpserted": "2024-02-26T19:39:23Z" + } +} diff --git a/docs/alarm_examples/true_alarm/system-state-000.json b/docs/alarm_examples/true_alarm/system-state-000.json new file mode 100644 index 0000000000..a9f17260d3 --- /dev/null +++ b/docs/alarm_examples/true_alarm/system-state-000.json @@ -0,0 +1,8501 @@ +{ + "pod": { + "cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1581", + "self_link": null, + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-0", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bv8fr", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:33+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6781899841b23cd996e6d3e8f3eb7e420b19c55a85ee722533b37956f1569510", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://b440f9849e6af66780de051ba270a0aad909c4cd5c45cc27b8ff658c4729a85b", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": [ + { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:49+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:33+00:00" + } + }, + "cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1976", + "self_link": null, + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-1", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5qwsl", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e27a1c201fa1ecb46b015512bae5ba8f2be69fe6b44c7fd88f737e19adc75e21", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d2138e6ad02d0ba6a187f65720347f0c8bc4cb0642a0e91d5ac1ea571ecbf725", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": [ + { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + }, + "cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:35:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1793", + "self_link": null, + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-2", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7nwkq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e7179b2542c9da5c579c4e790603e3c5e03996376593edaf03a3c352c35f8f43", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://bd3f0cf4edfd75dd626a28f884a35e447f2e5d07442d11eda98bc78348f602b1", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": [ + { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + } + }, + "deployment_pods": { + "cass-operator-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cass-operator-controller-manager-7f9b66678b-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator", + "pod-template-hash": "7f9b66678b" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:control-plane": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"e38b5d98-937b-4f7a-9830-ede14d9e8f42\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + ".": {}, + "f:allowPrivilegeEscalation": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:runAsNonRoot": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + } + ], + "resource_version": "1110", + "self_link": null, + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9c9ht", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9c9ht", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://22e35e1d8763c8d751ade2fb980f5ea7bbd5bf2d62396406e3dc2e5823f6a795", + "image": "docker.io/k8ssandra/cass-operator:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:f49a4c207c57d255a49829936c0742362c29e184f8ba7f103f33552cfbf52376", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "manager", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:32:59+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:32:59+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "cluster1-test-cluster-default-sts": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "lAD4DISuzU5/CLRvW5A/cZHk0E5jbMdJJWVB9+Ul1rE=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1970", + "self_link": null, + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": null, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + } + }, + "service_name": "cluster1-test-cluster-all-pods-service", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Ready-to-Start", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 120, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 0 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": "server-data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "updated_replicas": 3 + } + } + }, + "deployment": { + "cass-operator-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "control-plane": "controller-manager" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:control-plane": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:control-plane": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + "f:allowPrivilegeEscalation": {} + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:securityContext": { + "f:runAsNonRoot": {} + }, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1124", + "self_link": null, + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "control-plane": "controller-manager", + "name": "cass-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-26T19:32:59+00:00", + "last_update_time": "2024-02-26T19:32:59+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-26T19:32:48+00:00", + "last_update_time": "2024-02-26T19:33:09+00:00", + "message": "ReplicaSet \"cass-operator-controller-manager-7f9b66678b\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "b569adb7.cassandra.datastax.com": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-26T19:33:24Z\",\"renewTime\":\"2024-02-26T19:37:13Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2192", + "self_link": null, + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + } + }, + "cass-operator-manager-config": { + "api_version": null, + "binary_data": null, + "data": { + "controller_manager_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: OperatorConfig\nmetadata:\n name: operator-config\nhealth:\n healthProbeBindAddress: :8081\nmetrics:\n bindAddress: 127.0.0.1:8080\nwebhook:\n port: 9443\nleaderElection:\n leaderElect: true\n resourceName: b569adb7.cassandra.datastax.com\ndisableWebhooks: false\nimageConfigFile: /configs/image_config.yaml\n", + "image_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: ImageConfig\nmetadata:\n name: image-config\nimages:\n system-logger: \"k8ssandra/system-logger:v1.10.3\"\n config-builder: \"datastax/cass-config-builder:1.0.4-ubi7\"\n # cassandra:\n # \"4.0.0\": \"k8ssandra/cassandra-ubi:latest\"\n # dse:\n # \"6.8.999\": \"datastax/dse-server-prototype:latest\"\n# imageRegistry: \"localhost:5000\"\n# imagePullPolicy: IfNotPresent\n# imagePullSecret:\n# name: my-secret-pull-registry\ndefaults:\n # Note, postfix is ignored if repository is not set\n cassandra:\n repository: \"k8ssandra/cass-management-api\"\n dse:\n repository: \"datastax/dse-server\"\n suffix: \"-ubi7\"\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:controller_manager_config.yaml": {}, + "f:image_config.yaml": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-manager-config", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "961", + "self_link": null, + "uid": "73e2ba7c-3170-4578-a873-ada31f5f89bd" + } + }, + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "736", + "self_link": null, + "uid": "1d6934a6-c272-4b0d-971b-7b0d46c820f2" + } + } + }, + "service": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:spec": { + "f:ports": { + "k:{\"port\":443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:port": {}, + "f:targetPort": {} + } + }, + "f:selector": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "963", + "self_link": null, + "uid": "beeeef70-d867-461d-a10a-75213fde5788" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.2.224", + "cluster_i_ps": [ + "10.96.2.224" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "node_port": null, + "port": 443, + "protocol": "TCP", + "target_port": 9443 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "control-plane": "controller-manager" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "1uQq3KjBiQ6WSYWu9LR5c1HXTd2WMvTi7kggXePHlks=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1191", + "self_link": null, + "uid": "00b0d2fa-310d-439b-b427-39b249a2177b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/seed-node": "true" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-additional-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "08fmY5i8j4N9Ih3XJefcPdJzIhMSZRLxdHMt09popds=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-additional-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1197", + "self_link": null, + "uid": "13e486e8-b4af-4e5d-8069-8627f88868ea" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4", + "IPv6" + ], + "ip_family_policy": "RequireDualStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": null, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "KfxzJFWkJsi0aVju584rMKEgw1NQw25q/4PPXeWb4mw=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1193", + "self_link": null, + "uid": "358ff370-5a9c-409a-8ad4-6cb19ee410a9" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "veMcfmIxEezVk0s29xOumZv+nuuRE+2udQuOxKrwNAs=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1190", + "self_link": null, + "uid": "f7afd0c2-64c1-442a-88c2-f903a0e22824" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "tls-native", + "node_port": null, + "port": 9142, + "protocol": "TCP", + "target_port": 9142 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + }, + { + "app_protocol": null, + "name": "thrift", + "node_port": null, + "port": 9160, + "protocol": "TCP", + "target_port": 9160 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "server-data-cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1283", + "self_link": null, + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1301", + "self_link": null, + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1309", + "self_link": null, + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": { + "test-cluster-pdb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "N5O7i+zXqVMtvfYRMnksAOtwD64XnXhWx4ZtrExoAfU=" + }, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "policy/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"DisruptionAllowed\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:observedGeneration": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:currentHealthy": {}, + "f:desiredHealthy": {}, + "f:disruptionsAllowed": {}, + "f:expectedPods": {}, + "f:observedGeneration": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "policy/v1beta1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:minAvailable": {}, + "f:selector": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster-pdb", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1980", + "self_link": null, + "uid": "d836002c-7c09-488a-b295-d5a972973ee4" + }, + "spec": { + "max_unavailable": null, + "min_available": 2, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + } + }, + "unhealthy_pod_eviction_policy": null + }, + "status": { + "conditions": [ + { + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": "", + "observed_generation": 1, + "reason": "SufficientPods", + "status": "True", + "type": "DisruptionAllowed" + } + ], + "current_healthy": 3, + "desired_healthy": 2, + "disrupted_pods": null, + "disruptions_allowed": 1, + "expected_pods": 3, + "observed_generation": 1 + } + } + }, + "secret": { + "cass-operator-controller-manager-token-78j4l": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyLXRva2VuLTc4ajRsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTYyOGVjNjUtMjM1Zi00ZGI4LTk4MjgtYWI4MDQ5ZTBhZjkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmNhc3Mtb3BlcmF0b3I6Y2Fzcy1vcGVyYXRvci1jb250cm9sbGVyLW1hbmFnZXIifQ.MXOf_QvpwuQk88mZTM2c8BVZ3x-KieQiLN2Rx9Rss1cj6jYjH320QPtBRe1qZ5S4Dkkz4eUg3lHrX-rj4q_0UHz-SH8vKeXMyX8dxkwZHcS00PAEtCIlgKC-WzAPqnaKdY4duHZUnA2mK2Bd-ewwiOdFLO8hf7bR11JXdpj0t9T3SZrw8WnHCMPmAdgaF8dM_QDhU2n9vKlyh5-6J8-g6mM-ebtGOP26j4x76P6hECgtxD3xOzVIzV_rWRaxHT2Bl3IPTZ_rK8RtU9Vovz0YVWbr65EHDXSBs5oxeId4iVZywCN_4BMJ1zL36S-Gc6Bm5mMtWyiyXrK7fXN8sMTCiw" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "cass-operator-controller-manager", + "kubernetes.io/service-account.uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "954", + "self_link": null, + "uid": "fc2c5c76-6bf8-4dd5-858e-15718ab80648" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "cluster1-superuser": { + "api_version": null, + "data": { + "password": "lgA50wzRdKTOoZjU2DbbqiTljvOlrKE2CUxGcTMi4CsjCQ5KfcM0Dg", + "username": "cluster1-superuser" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/watched-by": "[\"cass-operator/test-cluster\"]" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/watched": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:password": {}, + "f:username": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/watched-by": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/watched": {} + } + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-superuser", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1979", + "self_link": null, + "uid": "d70fb378-1971-4597-836f-222a7c423688" + }, + "string_data": null, + "type": "Opaque" + }, + "default-token-85zgl": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tODV6Z2wiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImIzZmRlMDk1LTc4NDctNDI3Ny05ZDY4LTFiNmMyOGZhM2Q3MSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpjYXNzLW9wZXJhdG9yOmRlZmF1bHQifQ.oDBiilLn6TaBtuduVklCDCNa0UIM_qwI-y5GEvoM_kgUDugNiJj8x5elLWbS1BklUEiLIYPGdDZyQWnEtuJO9kNAEqKQrtIlYxKy3T1uaG_JZ0tFkUa3yXAisNYZnnX4ZYjFDCycUtVP8TiF2ZV0iR900tLL2TWM7jEnacKkIOviL2zqiBTD5v3d33aj9KXQwGMT1IMGDKX4x1VIySiDRHUS03ogGaPijilw45v0lWN18BI3vRtMSwuQIsaE8knoVKavm4AurK80rVP6Tm-CHNqWTiOnZ56lM11lnDVDsT2agXjO52MYV0TQkYVKgdq0YgUYf2rbBxpvQ4tTNqTS_A" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "default", + "kubernetes.io/service-account.uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "default-token-85zgl", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "737", + "self_link": null, + "uid": "4f46c8c1-ec8e-454c-b261-48c03c463f85" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "test-cluster-ca-keystore": { + "api_version": null, + "data": { + "cert": "-----BEGIN CERTIFICATE-----\nMIIF9zCCA9+gAwIBAgIQX1+/mcEfMJBDyRV8seUWAjANBgkqhkiG9w0BAQsFADBp\nMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRh\nc3RheDEzMDEGA1UEAxMqdGVzdC1jbHVzdGVyLWNhLWtleXN0b3JlLmNhc3Mtb3Bl\ncmF0b3Iuc3ZjMB4XDTI0MDIyNjE5MzMzMFoXDTI1MDIyNTE5MzMzMFowaTEyMDAG\nA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgx\nMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9y\nLnN2YzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPjypL+aX9rQ6gjq\nWkdsYubR8oVk3VcL4rb4zO0BttU0yia0mB+iBYx0Sjc2YBeTpP6j2J3THbmtU8+F\nh6Q9Gmp0egJiElSNyzVZcLaReCi+2P9rYrWgqz9L8QzLB2hOBhQ3Tn/iL4fkiU0l\nP+veI/HutmzYXQhe0gWdMtip5rVmOxwupN53dhupOAW4cOB05cBEim23mmG2g5KI\nPZ1Qog2FytOWLgcVLX5QyRUwkSWmPDzaFA/c4BHzpF0y4B9Gf/pjkUvAYF2uD64C\nZL/dxk5++9DlH7lD8Df5If3lne6scxlKLes4b1aevgD2yJNSEQnFBdzPGh6jXmHk\npaWQbMY8Wzbc+3HWUIfYvq9YMQXTZkn9A+lF8fTnOeY5gbpmYy/0Za9e1T+YdP5Z\n2dI9nPi6kWciiIkT9bOL4/cvFYFZqMoqbmoiXW0X5ns7dajeto63RT/SDos0FNqp\nwVylcsEesQM3nPAWgP2H4L5cOYt0ODAY/HTQ4gX942SzeS9+0ptGCdx7pyzn4N65\nXtZbTf/Nqn0ZWwy5aAe2j2PA1/XUUJ7VI5X9VbH71bkStmMwBwSkijkeLeIws4He\n36Mwm5ZQSPond4GMQi7Rvhw1Viu0jrW+R+3VzvYZqW/ucUhY8K/vQh4jWjtIDE8r\nyxOxe1UeqThK2hVQC/7V7quKBXXlAgMBAAGjgZowgZcwDgYDVR0PAQH/BAQDAgKk\nMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\nFKihpplWTjvB13YVR/+rJIXDDySlMEAGA1UdEQQ5MDeCNWNhc3NhbmRyYWRhdGFj\nZW50ZXItd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjMA0GCSqGSIb3\nDQEBCwUAA4ICAQB5mrJBCJW1YzHSfe7h4OHvbqJViIcEDfhdz43+4tRheS1+t6Lp\n78LAT7ExsVzbe7de+qJgQVaG8RwXTS0mGmowrqb1xRvIM6nYvNP5NurL7O988gwQ\npZFrJwzGftnqQurTARGPTFtIkm6gSJNXH2Fr+amO8CPTTvkvH2Rt1VMHbsnI8/N0\nTDsKs4ohYYQfUPp+F/hT6EPpSURMOGa0zsaYV5oZnvVnxSPn80HBhXBNBOA0Dh7Z\nwqXCiAm1L65zB8HIe9fHxTRMFc7cnVOqnCDDSrfu3yRvj6HcGqjX899e9SDklW6R\npupvRhJeZW3a9XoH5oMzYcfdQKFmTwhGr39TMCfdTbNEyGQmEtJiqLegddBYGuDm\n1KOys4cTuamhoXo8NoQN/p9oVzCBqVasv1fER01fX+DoN3lWUVL9Xalqzv1KZd8w\ncJB9VJL2cfWg7/DI8ZcSk/IlzEenglB578Kg5vTCgcCMpYbjzkJGXbWD49Z/jZ2p\nxp0RtKLOIW0cdzETxwIpiL0vfeyJ3Ri8KKisZskBmvmog/+GSyaCeNsFMU9gziRx\nXfvdzd9P0dC9FfSigm/uQ2FHSWaVASwZ4MKg7zozsDHrAHZPdwfelmyB4cntOaYU\nIQ7YMDs41bCU+CBwPLNc54Y9gC+HbfBehM3Zt8Xf4CiQ7/1yK0pttiLaQQ==\n-----END CERTIFICATE-----\n", + "key": "-----BEGIN PRIVATE KEY-----\nMIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQD48qS/ml/a0OoI\n6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPP\nhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlN\nJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOS\niD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+u\nAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h\n5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+\nWdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTa\nqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+De\nuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB\n3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxP\nK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABAoICAQCEecL3/zOBIulXwzY1idT7\nlb+kAq/SkY2c5rtOaDoeLRBiFnpZYwPm4T9ZMENkaHpF03UDT4Qi+bx+00UCPk3f\nVopS2FN+0VHQ2v6i+LhjnmOlUETf+FcIwOXOdABGHjcX7PKGFRxMCW6TMf5ZCwY/\nyVMkiuK/AI5s1GFpcMhHwdY0whGUHSgpwhwA10yh9TMJ5K9xgWHTG6fag0ueenky\nDv+HJwTpWfiynlTTRNwIl/S4QSip5FUM2IWf3uHrYr3ZxcBc+kuNroHDjJyGiYLs\n5KAmYrdGBIRBlP7kuJsZloVNcO8MnCSLiL/9jVXhJ6vPchwTi9YPdcpU97K6byei\nLWlrtwRd1tLzgH3bBkJ+BhAzKiCwd8jYaBuAK3jFK7r9mjy1niBAbLhsbc6KZrK9\nRQUegurjmpyoi5k2WyApgWs3cMCXje/0vuDPvMwv3+vWXsrlL8dGwsTsMaLrwbxX\nE6KXYz9uO1wL+Jy4cOp2WOGle1cCHrewEYB/VGs0TBTNSz8O6ebR9g4ucFwnFq/7\nd9mRRDef5+hF7vwaeG3FGDgXJcqf99TFpj1rXukIrVxhjVX+hNvegn4UhZ/FJWum\nEtP5MOs+hzq3+bgAlSyeaNqqPmM6r+R7Zl/OrB3PXmdrYStTP3NRTq3hrBIGDeVz\nqaRH8eBwAFPud0A6hPv0AQKCAQEA/9yTXvaugYTk0uvVckwBQoFgzaRIJXV5tpui\nKsY1Pxn6OfsKqTVvfW73yYErwglDK3rGrLY5jDk69BSywdhW9vQl/q290xMJyGeb\n3EsYEdlSvP//npgM7UJVVyfV6bhUY3CiMt1pjyFkdriiKh5kEXB+wT96oyxHRzLP\ng224DS2NGOfkW9VMLzTtJ/W8bfO2QG9FULnEgaSbWRzLgKaz3CH1DQOXKiJdBCBm\nVbprVt7hz7K3a4B8xuANddt4YnUfiYod0LabMClt/7yE/dGw/fX7UyHKzrxPAVt5\nBE9PaW7a8UUtp+i/oi6aqibw2JBMxeGgNse+owFVCMDYTKc65QKCAQEA+RUcVBEp\nhFdnqCf9Zzc8mWwVpOGh9dIqXS7fJ7wUpFSKieaiBEdZNi8771jn3OGzyMgpB66D\nuY/GCm7wL0RAeek3CjaxAPazgbj5tlt4b7NeiDY7diIcOM3nZR5z2yb2eAPR1f2Q\nW/luLdD2m5FZQxV0kiDXZrmbjv7bE8Pn9uGn4tRdQTL0+2kTSywbEs2r6IZefePL\nIbuzx2SQTe6cA/Zhgg3hfS+5ZJbmUQvqLWc+NMr4WdUXQ4TYXjV7fZyc8YaQ9cZj\nIzD5sPtA7Y96fVUx4oRJGhdCqcqxqFJSGz5QzrIDBqT4lzLFh4Xr9KWUe88XfICM\nvY7rKtTUogKfAQKCAQAfKpAs/iFtl3GEG8QJQybYIghXpE5BedjUnIqZaUFtKU3o\nqCK5T8//2HeIbRqWbShocHEo8p157jK3LppDsIWPWVgTeLhpsKT9a1l58Q/ChNVm\nPky11dGlSPI6Rpjw+koVPtATIBNOowOozn66YK9RzIE0KvZWT/tyuca7PK8xs72/\nLegMI6Q/D9RfjLhiMFCf8q3f0nEUVaeyqCZFyoiYJO7Dog9Uy5DHAudUQ/v1PfsF\noMBk8ObCFuKs24oDfD7WMyPEm6m1qSZEA4Ozo0pK9R6jFresjRWWlbzdAIgs0JsM\nzp9sF5bYO5MNbObjilg/tmccpSIcmvnvsgXm+GvdAoIBAQCEPz0nNWWBqpaSpYjZ\ngG5gVw622EWRquBrUTOSeT3MckaMKTPkaa1oI3QDBIU2tW8rL3r5ZSLzJu7TI0vL\nDMXe9IAQoDEifdmZCokq1S4AwI90arbvZfTuBATTn3OL7Af4eK60m0hGTQy+rrAA\nsQ9fmsilvWIgXHPHXHEc8Wr7nZvxxycsMs33njZsNyK4vRKFBrKszIFRi8NMHoyv\nk/yp7eqfjpcmTGx2h9gJN/ZB3QseJJXvvD/5zVLD0kmay8hYREY69/Yy/RHVcdFr\nUD6MxOsThYD6pVbzp3bkE7EcXd2xoLoSkQyb2o0eA3DgF/naMn4Z0HbpPjSGLTIo\nQpQBAoIBAF8VekmSHpdQ83n5e+qh11niQqAMgUGTx+ysZLJpBOd7mCXF2x1CTj5X\n1G1QKK35H5Pfk12n7qQ+Kokqxs4l1oD31EIkpWbKVW4KUkWIaA5QAWSwjfKb+WyP\npHyCA0O+67JBqSeJa5+VIVaxtpXCDKc6L3Vp+dkx0zzcb0jFTcyIQWGea3JtB29Z\nvsOs4wVJtWTr0yiwhOS0rq/jnhjEcdfUWqvkt6nZ5djGIi7WP6biT3DTriV+1TSP\nlD5H04K2KGKYeYJeQoeGicOKBU77fmth/IlceEv3HiIrNaP1/xHZSGjdCbhPi8q8\nK/noZDwAYuMSlWygyJgv+nGkI4P1BV4=\n-----END PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:42+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:cert": {}, + "f:key": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:42+00:00" + } + ], + "name": "test-cluster-ca-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "092210cd-012b-4880-8be0-31892909c652" + }, + "string_data": null, + "type": "Opaque" + }, + "test-cluster-keystore": { + "api_version": null, + "data": { + "node-keystore.jks": "/u3+7QAAAAIAAAACAAAAAQAhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjAAABjeborQAAAAmHMIIJgzAOBgorBgEEASoCEQEBBQAEgglv9f5XKDWJsPMHaGZN9azx/zCVpVkEHO1IR+xJaay0NjuPlDn3Ffjy7zqOyTV/s+xIFNJJKokZPeJl4QGfxG1Odb8CCgVFnO9Msugy3DbrIDaIAmH0d4Sl9MyTxuGJxLX0ZhCqlBwwYjHIG3W1r+sQ1nz1nyjErTwmmbkF5Mgnqqt4YE9Zvyn2eTakG1FNXX+8M3c8wZyzrgKModYK+n5DPu70UkM9OSzWCA6tFige34NGkbCKm04Adjix6OP6xkAzG+KOrF7Pd7dVRUsdaRbEXsgq1sjzI0DCqo2RnTQc0O3FuzoP1rxywO2wSS8UYs/bX7CZXivnaoIVmPDuzzboiGUgpIiTMjOyzGDWkecIc7XU+aDJWEsKh2Ws98qflPMkU5DxQmtG1SQAjmNsz2irBJSnjOQf/4iEu/QA0GjL/4CAKukX2U8GbbAxYjVW0n/aH6fLHLWkmViqVFjkOX7wBV3bU7CU1cSBGz8Vqo27lgBQpHgKURnvxV9wIYHdLOD6ZOPAIfEErQpqkHApQSt1RhtQV/eI4BXig+z2B+XAY/re41wrwEkgAxklFg/5pK2T9ZnIxxB9py9kaBbg+WSc7acVuFAhI7IdTXNb4kVxNdEV0rxwCP1zZOZn3dClq1MtwiZB9/t+oAGfT5K2kxpRPTAck8NRKxQvsNgFrIqjLe6zJgTWKGUWe9Y1PWvBz5P6+gCv76SGUg7cm85HmhLJBIpElORGIK5O7GcrCqseZDqi/SsoW/e2m3+VWQRjPPexslcVnRVkIN+djPp22UVyAh1ebd1YlgioIVMkvCyuYKgQlV48VvfkPhY/iNtfy8+dH0mwVT1eHw6C6Dt89Cp5XOYNesBcAqOdIZmPNfWZyQa2BwnT8TjQeV6ojxx5WB2fMMruXDLTB0a9vTH5Wd041dJNm64KbtJCGsa9zsm6zePvvU0/K6FxBYAqTGAlzzju5M3oUh0MPgcAKptRbAlPl3C2b3yS5ydnfFX6UKu78ph46XP9MiGw6Rti+YOK5QQOTPzcPvaLsu27LMdYR9nO9epZDHoD1HfLNci3TVBQY/1AbyCArpAz6lgvCPZ9o+JuI890X/mH4LDRO2+1DwTaPb/QcaV9bng9Lw0pcdnbUezIR/xFIW+58tmg+gqe8EaplRa7yaGVitDhTQF2Kq2wl9dqTVzgDGqNcuBCpT6BAAQKv9jeMb3KCqXFwzGPJLCzsN26vz/R5GnSIADSsnxWf1egqr1wKdSG9BnFkoIuC55PvEMVrUKKpVbT0Jmk8/8F3umhSUGh/MNtUN4eqClm8VhZovXpj+bRvY4RQ+NtVStA7HhdO7Tj7lDY9pVlKKnRkEok2h/2r1WE0H/aSFxzU2v4xyy3hEDGMXga9CTIxTGHDEUwDC3SEHzCIYIyL3zur5dFM5W2RYAggNwWyXIn7z6ux0M72tpkdCLNCBH86qE1fnAoqRaj/ZWl54WU9qQqEcKeZjy8yF4CSdtSuVOdvYI/AU8py2lRYUDUl+hSemPUTpv2SYRhqGxCw39Db8mUoLZjKs2/wANf/uV5JWj7hif9T8w1AwxHUXTgu+IurmmWCuqBkEXiuekpNpNi/SMxhmyE/0OOXAGGViKa8ionEPek1GFXGSTnEg28IMakDxn1sw0b7pbMBazq2MGI3z8GbUvTmKA+qAK7dSjCIN/UyEBVt88FJOGZFngAEHJtf/YgYgN2OiMqwvrEpR6vjOAAwrdpgSl2rR2UOSG6XA7204qr8lM6oabNUC1Dj9OtrCjHtE4RFwlb+aOK8XHkxDKievVBI453h8tjcAiEQpm4qVFP9WyiHvpJ+Z4QTp9GfQP6etYC2b0u/UtUgrhTWgceAk9SrfYdNaOxLdHCKKXernC42MZar6fLNa2Dicm9x4ElI1p44x/pgrgQsvz0IbtpHgradj/D+e+3awJnYVRYnayH5JkWlow9gi3/hUEq5Eat577z5PlFrEEwq2CMPNNzzV2bsfJjBs/7oHsv7VEZYF+OJ97mEMDftgfGts1gkeG4HyA4dAmA8sxIsfT2ukLtGLvqUtafQSRqHwOWPfVznU7ddi9ApbIty9VjJ/NUKicr01M7E5Ba8CXcKixrwRDjR+cvn3fzcFtAewIjK1z60LLD47q+2gBNtz78O2gi/oqKJOtw3mGWSsFLAOmGgzDf9EO32atVQZw1uNceC2+beP9CsI/26bxH0/U3zxXLuYrdDGxEwSgRY+CWRAMyz7czva2QVMUXfVq1gTEz0ZauZfdaGEizDexoFM+sXH52ZGjXeI+jhQGIjPtdJ5cTCgzcOpwjoHDFXxHzVH5QBk3TJOnB6B1X7PtcrmgexOq0IL7g7qQ5zZlgpwc9Dm6Rbe0Iqo+N6XN8QR78qdrht5/PJs94RzwjuHyHYBbzFASBogR52Cemg+/NkHfb3Ct63roTJyzjdzT+Tk6jQXXSdvvffVcAnOTDkTC1v/TaHTrbT10P5frX0n9UZ9XFbdfQG6ad64px8DbLKs9b4utbvyB3CrE5UGrEyFIWc2FnN+OqAMj2f5RkxEoelwRlIKZZDDFIUbLnz4RZ6feZ5VW9Of/YddGOH4KkMiELY4Ufw5xl//7v53MoKB4NU/LVCxF+m7CdKCsNEYZ3hGzrlpeh54EB1VkiG2Y5t6gy2UCcGCWJSbdi9/sHsWkANt3yPpz0J4FIUtnF17xFWMYSt528Xn6bIpQaIEmLZzM+6c7QaOzISMWKmtosuUdH0xK5F3T/4EoHVZnDEOnsHc0qvY0gfyxkxPq0TWFM2dGDzbk6EZwXLV0wiYa+sZO4JYvRPpzrjER7W4xgPgrGbJHXml9EsbXTXILV8A2ywtoOFDt9Fws8deZrQWuNwhMcp70/Uh1RMhZIyIuJ9WJZV80YSzdr2K8C7pVDPfimhTZ9fMgstMe/vQanfMIDgFA332j4X3XUuCRq/hAJ9+mzyt+RqVt+BKlhsbUmKkc34FZNGy8nAN7dLawLdJ/yFPavH6NKWuAO9GajgavBlFyRIlICDwf5zhKOKqDXLjzS+1lDRktwWQHWLQ3P5NuO9U4uLTvFu9z4PvKwqmoXc95BGHc5c8NgkQsb4EMv7T9Ln+fd2ztI6s+/VAlGbvlk9i9KQjjKJtDCMX90AFOQ9f3HlltDj6ATn3wKipwTu2APB77oZYG7SuZtEkhpTBT+ORJXktkrnZrIUMptVWsI7z+ipZa7ko4ASoRNAAAAAgAEWDUwOQAABd0wggXZMIIDwaADAgECAhAMLNdBce6CO4Xx9KDqtCYPMA0GCSqGSIb3DQEBCwUAMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwHhcNMjQwMjI2MTkzMzQyWhcNMjUwMjI1MTkzMzQyWjBgMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRhc3RheDEqMCgGA1UEAxMhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtmr114IYH9WN6qSrBjSIuP3XP2m4vxpLw4Sl7u8bV19BeidSTiWYGa73fqAQ4uYSKfHWHrOdmy0s3C3A8FM1C7O3Z22yHIVlBVeBA2zN0Gl/E7m9+/qsviT5PwolT53MoqfOIQPV7BWsSdBe2QBJQmHsCj6dfPoWWqUab16dkq9mYLzBeANvu01R3YyJrKPk/Sg4s3kPryOcrH2B6si384ZnVCkupDp+S98rOotw5pW9wzpFGX4/Z1X8uq6o0FTVdL+K9y1i+ZroUaYbRDpwTc6lTVUN5CHCjFXuyavBYy1Rb9ugSehhBOCVtZkXNzln6RGVrG9Ae77vfaZlaK2vM4rDSC9oOQ67IYAQBvjuwea5zpR4NloJ29hgStjClHrXqzt6YjKEiC/JJB7E+S+ebqVw+1yEF5XhQ0mPo4prPA5eC7XWmarNTABvDYdid/95CwN263bLSQwjAWe9IM0M7sKg/9M6ibkBR6prc7CkaFSyiKdBKUSivwpCdnmpCdaQNjpgTEKMx28iJKQuK0jZZtfN/FiaVIuCIVU/1sgQpgX5RcG6V/Op0zeduoR+AryXYnAGCVQPYlZJ4hVKGiSvf6kXGtOLOOtsWebGVgjOANpdZqu97Jb8tW9xT5Ao7SiuXoY6oa4nneB9zQoG/YcgGfuuxz+jX6uMjRP1JAifF3sCAwEAAaOBhTCBgjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSooaaZVk47wdd2FUf/qySFww8kpTAsBgNVHREEJTAjgiF0ZXN0LWNsdXN0ZXIuY2Fzcy1vcGVyYXRvci5jYXNzZGMwDQYJKoZIhvcNAQELBQADggIBAF5sL8ARkf7L5VIZY0J4LInw3Ete126ljRPIF7MfuRJfzWyqrzeCNIdMKkW58OzVjJ8dhOFhf8wCZTJbrNmIvnOYo0CJgPq6Ko5Ie9o6BthSx9S8BgoFFO6F89FPOPjAMf9rUMHJef/E5uPC4WaxfTlkxzbbxuyZe2do2RtXkY5MmkQka4hqpptb4uc13ZtDqc9lP9fehB5dSplIyVbTc8JH/CSZnj9E6gSYKQSUgZAWtLPHduB+SDxLJ1Rz6iQiJrrjiy7RXgkRYzyDZGejh9lUh7F+kE9+9k9r8/8tBjbIFo91kZTcm5wxdZhhXQmIiGWaOFacaqJ+TVhR+vwWc/VRVghmzMe0Xp1tmXOqsZE6H7P8sAdpkWou82/nhlPf/nq4VPy2JtR63cmFHM03RlUDviSsdJhN/yINdxXNV8iqfvsVzzuXZ8OHF/1lV61+iMZkz6HAeh07Ojk4zLpOJzOn756BfOjilUVkWx2pDMHsObW/YhW1wckbjyIuBtqqAnSHl68AUjojyhwJoQr2erZtSKSL96T6naDJFJaSjYvxDg748hyLXx2sc1dwU3hXzoqiQyrBedviY6kqZuv4eKxFas0nBvctmiDO/fTV0sB8PXOMryHDdYQgQKnKmECOj/clALF+r48a3i89vLN6VcsC2QHgrPQZauZqi87ArHVkAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kEAAAACAAJjYQAAAY3m6K0AAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kERsiTgKA05ZI/7bOerd7z0t94fLg==" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:node-keystore.jks": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:44+00:00" + } + ], + "name": "test-cluster-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "709ecc89-6979-4106-9453-c2705d2de5f3" + }, + "string_data": null, + "type": "Opaque" + }, + "webhook-server-cert": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA1OjQWHoDgc+PQpwrcJHxa7IP8aji7Vb6SoIi06e3KAbHicna\ncaHqSg2jSqo3JfXc6vXJKUazRY8KmGzqOagf8/OJ6b6KhGc3RBUQste/pYjy6s1u\n0uh6cuxnIqusrZJf1MGdjDduOGpRsjeCb/9sifvV+Te0dn9ldiMoNs/VyI5kMSTq\nHNvCmwvcuE1xzc9WMaYPndVvkYSL7Um1puhY/W66RfOeJD40iLCyOddQ5izumi13\nJooinfsG7r79n7m7rN997KkGymiHhzT2aQqD36eeJYDnBvHjfrDaX/a3ICczQ/GS\ndEO+RBUpHS2e9cGS3IWMRokYSBE4SmgJCR7PAwIDAQABAoIBAEW0MwHEcIF/Qpe8\nKTyhiziHA1FKyYCKiUb7dAt3TS99iLZDr5CkQeActukq8QMsizchYMpyqx6Kxh1B\nCy31LQDhKrWr/A18/Ur82oqyt7uqKl1VBINoOS6G1v0y10W8NkOhX8MYIq21oSmH\notyn8xD5sgP1iM+CxeT3faL0SDlwS8ZhgyDeU0YzW8BsXwID8HQHjL/O2U+kst2d\nhdieDLl/6wuoqrq6rw33aSrfE2VWNWculaZ7MMq0DAOkoih4SAhSXjUc0bDXxXS8\nDZC0pGHJXeb62yr420qoq0XJbzLDFA2VOMLd9AEh977MxHSaCTRZA65vY6EicZQA\napYc0wECgYEA4VlZ8AJvA8V6tnz9RpnGzIj/scEDUu0JspM8w614dKvd1bH3ySsA\nbvWVKFfMFZhJ98FvniX2oVLuohYguJYjeO6w3CG8qEmka6PxUBwWVUQXrFcqGvM2\n/MnY8n0Cx6O3MwAtvxLq4hQrtoawmhbPHjc4q8TfiwkLeYBjV/yRftkCgYEA8d5Q\n4H5wtHi1lqDGudOXr1zEI1vSxEXQ6oFfLsyHTyJDJDOIpEDD2/92g45Ujw7GM2TQ\n+cbp5aMwAzQNfxs3YFNX+trT2jxPZHjp5ejlCkJwEUz+Yj9mENqYQ7qdx3ElqKH1\nxDPVDjbnbsK5Tik54Rj1665L/Cd4EDo+viS1SzsCgYAkFWifU+Ru2CpEGlN8AJei\nnLVEw0FDAA2zeHwcYSSOmg6Vbz/cCHSzT8OoiBZ3xsDhWSoEStPpFRx8+8oVhIT9\nkkrjlMterxwS2FeFmlnBIXwg7nwhgJxncfK5MWdGjGKDWh35IJBXzx8IxRx2L/zO\nO81pQ8b/vl0GAZbmudyaUQKBgQCinveB+YGN1htBy5fSGZJDNfwqSfLMRKTTB2kX\n7iyL6F18WanlxiXqJTlp+qigBy78Hyziw/s/ixkdDkKE06fH/EGLSNZoRWScCTA6\nhPx6iXEQMNRY+oeFjXQTFcY/8rN/TmYQJUl65S92KTaudsmTr1SpwecVAvSW9JJ7\nBfNfQQKBgBlQtuzoL63QXunf2MS9+gLbWejrJpD1gtFcx220aYmo4I5iWylQWuIz\nZPUEbqzhO1bSclQUvkMnNDRZas2w1HGbIhbeqhVKAN+vk4xo/kqStdAkLoyByMVv\nGAUehndHgd6d72Sg/PT4prhWAtVrpriQ6i0pP6l6GY7bmX+CO9R6\n-----END RSA PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cert-manager.io/alt-names": "cass-operator-webhook-service.cass-operator.svc,cass-operator-webhook-service.cass-operator.svc.cluster.local", + "cert-manager.io/certificate-name": "cass-operator-serving-cert", + "cert-manager.io/common-name": "", + "cert-manager.io/ip-sans": "", + "cert-manager.io/issuer-group": "", + "cert-manager.io/issuer-kind": "Issuer", + "cert-manager.io/issuer-name": "cass-operator-selfsigned-issuer", + "cert-manager.io/uri-sans": "" + }, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:ca.crt": {}, + "f:tls.crt": {}, + "f:tls.key": {} + }, + "f:metadata": { + "f:annotations": { + "f:cert-manager.io/alt-names": {}, + "f:cert-manager.io/certificate-name": {}, + "f:cert-manager.io/common-name": {}, + "f:cert-manager.io/ip-sans": {}, + "f:cert-manager.io/issuer-group": {}, + "f:cert-manager.io/issuer-kind": {}, + "f:cert-manager.io/issuer-name": {}, + "f:cert-manager.io/uri-sans": {} + } + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "webhook-server-cert", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1001", + "self_link": null, + "uid": "095a3203-e6c8-49d3-bfc0-05dfd4d04e3c" + }, + "string_data": null, + "type": "kubernetes.io/tls" + } + }, + "endpoints": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1121", + "self_link": null, + "uid": "e405ae61-fa76-478c-9ccf-bf8396a4c870" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1110", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "port": 9443, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:03+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1974", + "self_link": null, + "uid": "7cc8c8ac-fd3e-4931-a465-36e3fd454685" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1972", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": null + } + ] + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1968", + "self_link": null, + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "cluster1-test-cluster-default-sts-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1966", + "self_link": null, + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tls-native", + "port": 9142, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "thrift", + "port": 9160, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "cass-operator-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + }, + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "738", + "self_link": null, + "uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "default-token-85zgl", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + } + }, + "job": {}, + "role": { + "cass-operator-leader-election-role": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-role", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "8885366c-484d-40df-8586-c27476d9a5f3" + }, + "rules": [ + { + "api_groups": [ + "", + "coordination.k8s.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "configmaps", + "leases" + ], + "verbs": [ + "get", + "list", + "watch", + "create", + "update", + "patch", + "delete" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "events" + ], + "verbs": [ + "create", + "patch" + ] + } + ] + } + }, + "role_binding": { + "cass-operator-leader-election-rolebinding": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-rolebinding", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "957", + "self_link": null, + "uid": "86e9c8c8-1f9e-4033-897c-e2133a6aee61" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "cass-operator-leader-election-role" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator" + } + ] + } + }, + "custom_resource_spec": { + "additionalServiceConfig": { + "additionalSeedService": {}, + "allpodsService": {}, + "dcService": {}, + "nodePortService": {}, + "seedService": {} + }, + "clusterName": "cluster1", + "config": { + "cassandra-yaml": { + "authenticator": "org.apache.cassandra.auth.PasswordAuthenticator", + "authorizer": "org.apache.cassandra.auth.CassandraAuthorizer", + "role_manager": "org.apache.cassandra.auth.CassandraRoleManager" + }, + "jvm-options": { + "initial_heap_size": "800M", + "max_heap_size": "800M" + } + }, + "configBuilderResources": {}, + "managementApiAuth": { + "insecure": {} + }, + "resources": {}, + "serverType": "cassandra", + "serverVersion": "3.11.7", + "size": 3, + "storageConfig": { + "cassandraDataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "3Gi" + } + }, + "storageClassName": "server-storage" + } + }, + "systemLoggerResources": {} + }, + "custom_resource_status": { + "cassandraOperatorProgress": "Ready", + "conditions": [ + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Stopped" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ReplacingNodes" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Updating" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "RollingRestart" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Resuming" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ScalingDown" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Valid" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Initialized" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Ready" + } + ], + "lastServerNodeStarted": "2024-02-26T19:35:24Z", + "nodeStatuses": { + "cluster1-test-cluster-default-sts-0": { + "hostID": "0279ff8f-464f-44ab-87ec-5e61a4ebab0e" + }, + "cluster1-test-cluster-default-sts-1": { + "hostID": "767e4881-4f9f-4375-a503-8f1496778265" + }, + "cluster1-test-cluster-default-sts-2": { + "hostID": "6488f37a-d640-490b-b66a-3afa7d021101" + } + }, + "observedGeneration": 2, + "quietPeriod": "2024-02-26T19:36:19Z", + "superUserUpserted": "2024-02-26T19:36:14Z", + "usersUpserted": "2024-02-26T19:36:14Z" + } +} diff --git a/docs/alarm_examples/true_alarm/system-state-001.json b/docs/alarm_examples/true_alarm/system-state-001.json new file mode 100644 index 0000000000..c82591ad33 --- /dev/null +++ b/docs/alarm_examples/true_alarm/system-state-001.json @@ -0,0 +1,8503 @@ +{ + "pod": { + "cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1581", + "self_link": null, + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-0", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bv8fr", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:33+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6781899841b23cd996e6d3e8f3eb7e420b19c55a85ee722533b37956f1569510", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://b440f9849e6af66780de051ba270a0aad909c4cd5c45cc27b8ff658c4729a85b", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": [ + { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:49+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:33+00:00" + } + }, + "cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1976", + "self_link": null, + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-1", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5qwsl", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e27a1c201fa1ecb46b015512bae5ba8f2be69fe6b44c7fd88f737e19adc75e21", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d2138e6ad02d0ba6a187f65720347f0c8bc4cb0642a0e91d5ac1ea571ecbf725", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": [ + { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + }, + "cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:35:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1793", + "self_link": null, + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-2", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7nwkq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e7179b2542c9da5c579c4e790603e3c5e03996376593edaf03a3c352c35f8f43", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://bd3f0cf4edfd75dd626a28f884a35e447f2e5d07442d11eda98bc78348f602b1", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": [ + { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + } + }, + "deployment_pods": { + "cass-operator-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cass-operator-controller-manager-7f9b66678b-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator", + "pod-template-hash": "7f9b66678b" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:control-plane": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"e38b5d98-937b-4f7a-9830-ede14d9e8f42\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + ".": {}, + "f:allowPrivilegeEscalation": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:runAsNonRoot": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + } + ], + "resource_version": "1110", + "self_link": null, + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9c9ht", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9c9ht", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://22e35e1d8763c8d751ade2fb980f5ea7bbd5bf2d62396406e3dc2e5823f6a795", + "image": "docker.io/k8ssandra/cass-operator:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:f49a4c207c57d255a49829936c0742362c29e184f8ba7f103f33552cfbf52376", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "manager", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:32:59+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:32:59+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "cluster1-test-cluster-default-sts": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "lAD4DISuzU5/CLRvW5A/cZHk0E5jbMdJJWVB9+Ul1rE=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1970", + "self_link": null, + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": null, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + } + }, + "service_name": "cluster1-test-cluster-all-pods-service", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Ready-to-Start", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 120, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 0 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": "server-data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "updated_replicas": 3 + } + } + }, + "deployment": { + "cass-operator-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "control-plane": "controller-manager" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:control-plane": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:control-plane": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + "f:allowPrivilegeEscalation": {} + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:securityContext": { + "f:runAsNonRoot": {} + }, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1124", + "self_link": null, + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "control-plane": "controller-manager", + "name": "cass-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-26T19:32:59+00:00", + "last_update_time": "2024-02-26T19:32:59+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-26T19:32:48+00:00", + "last_update_time": "2024-02-26T19:33:09+00:00", + "message": "ReplicaSet \"cass-operator-controller-manager-7f9b66678b\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "b569adb7.cassandra.datastax.com": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-26T19:33:24Z\",\"renewTime\":\"2024-02-26T19:38:15Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2412", + "self_link": null, + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + } + }, + "cass-operator-manager-config": { + "api_version": null, + "binary_data": null, + "data": { + "controller_manager_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: OperatorConfig\nmetadata:\n name: operator-config\nhealth:\n healthProbeBindAddress: :8081\nmetrics:\n bindAddress: 127.0.0.1:8080\nwebhook:\n port: 9443\nleaderElection:\n leaderElect: true\n resourceName: b569adb7.cassandra.datastax.com\ndisableWebhooks: false\nimageConfigFile: /configs/image_config.yaml\n", + "image_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: ImageConfig\nmetadata:\n name: image-config\nimages:\n system-logger: \"k8ssandra/system-logger:v1.10.3\"\n config-builder: \"datastax/cass-config-builder:1.0.4-ubi7\"\n # cassandra:\n # \"4.0.0\": \"k8ssandra/cassandra-ubi:latest\"\n # dse:\n # \"6.8.999\": \"datastax/dse-server-prototype:latest\"\n# imageRegistry: \"localhost:5000\"\n# imagePullPolicy: IfNotPresent\n# imagePullSecret:\n# name: my-secret-pull-registry\ndefaults:\n # Note, postfix is ignored if repository is not set\n cassandra:\n repository: \"k8ssandra/cass-management-api\"\n dse:\n repository: \"datastax/dse-server\"\n suffix: \"-ubi7\"\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:controller_manager_config.yaml": {}, + "f:image_config.yaml": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-manager-config", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "961", + "self_link": null, + "uid": "73e2ba7c-3170-4578-a873-ada31f5f89bd" + } + }, + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "736", + "self_link": null, + "uid": "1d6934a6-c272-4b0d-971b-7b0d46c820f2" + } + } + }, + "service": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:spec": { + "f:ports": { + "k:{\"port\":443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:port": {}, + "f:targetPort": {} + } + }, + "f:selector": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "963", + "self_link": null, + "uid": "beeeef70-d867-461d-a10a-75213fde5788" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.2.224", + "cluster_i_ps": [ + "10.96.2.224" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "node_port": null, + "port": 443, + "protocol": "TCP", + "target_port": 9443 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "control-plane": "controller-manager" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "2w8oZMRjOchCUBFmmFQdqzZA+EtwqcC76HPC6uTI84I=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "ACTOKEY": "ACTOKEY", + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:ACTOKEY": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:37:15+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "2204", + "self_link": null, + "uid": "00b0d2fa-310d-439b-b427-39b249a2177b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/seed-node": "true" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-additional-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "08fmY5i8j4N9Ih3XJefcPdJzIhMSZRLxdHMt09popds=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-additional-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1197", + "self_link": null, + "uid": "13e486e8-b4af-4e5d-8069-8627f88868ea" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4", + "IPv6" + ], + "ip_family_policy": "RequireDualStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": null, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "KfxzJFWkJsi0aVju584rMKEgw1NQw25q/4PPXeWb4mw=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1193", + "self_link": null, + "uid": "358ff370-5a9c-409a-8ad4-6cb19ee410a9" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "veMcfmIxEezVk0s29xOumZv+nuuRE+2udQuOxKrwNAs=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1190", + "self_link": null, + "uid": "f7afd0c2-64c1-442a-88c2-f903a0e22824" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "tls-native", + "node_port": null, + "port": 9142, + "protocol": "TCP", + "target_port": 9142 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + }, + { + "app_protocol": null, + "name": "thrift", + "node_port": null, + "port": 9160, + "protocol": "TCP", + "target_port": 9160 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "server-data-cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1283", + "self_link": null, + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1301", + "self_link": null, + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1309", + "self_link": null, + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": { + "test-cluster-pdb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "N5O7i+zXqVMtvfYRMnksAOtwD64XnXhWx4ZtrExoAfU=" + }, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "policy/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"DisruptionAllowed\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:observedGeneration": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:currentHealthy": {}, + "f:desiredHealthy": {}, + "f:disruptionsAllowed": {}, + "f:expectedPods": {}, + "f:observedGeneration": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "policy/v1beta1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:minAvailable": {}, + "f:selector": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster-pdb", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1980", + "self_link": null, + "uid": "d836002c-7c09-488a-b295-d5a972973ee4" + }, + "spec": { + "max_unavailable": null, + "min_available": 2, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + } + }, + "unhealthy_pod_eviction_policy": null + }, + "status": { + "conditions": [ + { + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": "", + "observed_generation": 1, + "reason": "SufficientPods", + "status": "True", + "type": "DisruptionAllowed" + } + ], + "current_healthy": 3, + "desired_healthy": 2, + "disrupted_pods": null, + "disruptions_allowed": 1, + "expected_pods": 3, + "observed_generation": 1 + } + } + }, + "secret": { + "cass-operator-controller-manager-token-78j4l": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyLXRva2VuLTc4ajRsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTYyOGVjNjUtMjM1Zi00ZGI4LTk4MjgtYWI4MDQ5ZTBhZjkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmNhc3Mtb3BlcmF0b3I6Y2Fzcy1vcGVyYXRvci1jb250cm9sbGVyLW1hbmFnZXIifQ.MXOf_QvpwuQk88mZTM2c8BVZ3x-KieQiLN2Rx9Rss1cj6jYjH320QPtBRe1qZ5S4Dkkz4eUg3lHrX-rj4q_0UHz-SH8vKeXMyX8dxkwZHcS00PAEtCIlgKC-WzAPqnaKdY4duHZUnA2mK2Bd-ewwiOdFLO8hf7bR11JXdpj0t9T3SZrw8WnHCMPmAdgaF8dM_QDhU2n9vKlyh5-6J8-g6mM-ebtGOP26j4x76P6hECgtxD3xOzVIzV_rWRaxHT2Bl3IPTZ_rK8RtU9Vovz0YVWbr65EHDXSBs5oxeId4iVZywCN_4BMJ1zL36S-Gc6Bm5mMtWyiyXrK7fXN8sMTCiw" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "cass-operator-controller-manager", + "kubernetes.io/service-account.uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "954", + "self_link": null, + "uid": "fc2c5c76-6bf8-4dd5-858e-15718ab80648" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "cluster1-superuser": { + "api_version": null, + "data": { + "password": "lgA50wzRdKTOoZjU2DbbqiTljvOlrKE2CUxGcTMi4CsjCQ5KfcM0Dg", + "username": "cluster1-superuser" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/watched-by": "[\"cass-operator/test-cluster\"]" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/watched": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:password": {}, + "f:username": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/watched-by": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/watched": {} + } + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-superuser", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1979", + "self_link": null, + "uid": "d70fb378-1971-4597-836f-222a7c423688" + }, + "string_data": null, + "type": "Opaque" + }, + "default-token-85zgl": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tODV6Z2wiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImIzZmRlMDk1LTc4NDctNDI3Ny05ZDY4LTFiNmMyOGZhM2Q3MSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpjYXNzLW9wZXJhdG9yOmRlZmF1bHQifQ.oDBiilLn6TaBtuduVklCDCNa0UIM_qwI-y5GEvoM_kgUDugNiJj8x5elLWbS1BklUEiLIYPGdDZyQWnEtuJO9kNAEqKQrtIlYxKy3T1uaG_JZ0tFkUa3yXAisNYZnnX4ZYjFDCycUtVP8TiF2ZV0iR900tLL2TWM7jEnacKkIOviL2zqiBTD5v3d33aj9KXQwGMT1IMGDKX4x1VIySiDRHUS03ogGaPijilw45v0lWN18BI3vRtMSwuQIsaE8knoVKavm4AurK80rVP6Tm-CHNqWTiOnZ56lM11lnDVDsT2agXjO52MYV0TQkYVKgdq0YgUYf2rbBxpvQ4tTNqTS_A" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "default", + "kubernetes.io/service-account.uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "default-token-85zgl", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "737", + "self_link": null, + "uid": "4f46c8c1-ec8e-454c-b261-48c03c463f85" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "test-cluster-ca-keystore": { + "api_version": null, + "data": { + "cert": "-----BEGIN CERTIFICATE-----\nMIIF9zCCA9+gAwIBAgIQX1+/mcEfMJBDyRV8seUWAjANBgkqhkiG9w0BAQsFADBp\nMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRh\nc3RheDEzMDEGA1UEAxMqdGVzdC1jbHVzdGVyLWNhLWtleXN0b3JlLmNhc3Mtb3Bl\ncmF0b3Iuc3ZjMB4XDTI0MDIyNjE5MzMzMFoXDTI1MDIyNTE5MzMzMFowaTEyMDAG\nA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgx\nMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9y\nLnN2YzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPjypL+aX9rQ6gjq\nWkdsYubR8oVk3VcL4rb4zO0BttU0yia0mB+iBYx0Sjc2YBeTpP6j2J3THbmtU8+F\nh6Q9Gmp0egJiElSNyzVZcLaReCi+2P9rYrWgqz9L8QzLB2hOBhQ3Tn/iL4fkiU0l\nP+veI/HutmzYXQhe0gWdMtip5rVmOxwupN53dhupOAW4cOB05cBEim23mmG2g5KI\nPZ1Qog2FytOWLgcVLX5QyRUwkSWmPDzaFA/c4BHzpF0y4B9Gf/pjkUvAYF2uD64C\nZL/dxk5++9DlH7lD8Df5If3lne6scxlKLes4b1aevgD2yJNSEQnFBdzPGh6jXmHk\npaWQbMY8Wzbc+3HWUIfYvq9YMQXTZkn9A+lF8fTnOeY5gbpmYy/0Za9e1T+YdP5Z\n2dI9nPi6kWciiIkT9bOL4/cvFYFZqMoqbmoiXW0X5ns7dajeto63RT/SDos0FNqp\nwVylcsEesQM3nPAWgP2H4L5cOYt0ODAY/HTQ4gX942SzeS9+0ptGCdx7pyzn4N65\nXtZbTf/Nqn0ZWwy5aAe2j2PA1/XUUJ7VI5X9VbH71bkStmMwBwSkijkeLeIws4He\n36Mwm5ZQSPond4GMQi7Rvhw1Viu0jrW+R+3VzvYZqW/ucUhY8K/vQh4jWjtIDE8r\nyxOxe1UeqThK2hVQC/7V7quKBXXlAgMBAAGjgZowgZcwDgYDVR0PAQH/BAQDAgKk\nMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\nFKihpplWTjvB13YVR/+rJIXDDySlMEAGA1UdEQQ5MDeCNWNhc3NhbmRyYWRhdGFj\nZW50ZXItd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjMA0GCSqGSIb3\nDQEBCwUAA4ICAQB5mrJBCJW1YzHSfe7h4OHvbqJViIcEDfhdz43+4tRheS1+t6Lp\n78LAT7ExsVzbe7de+qJgQVaG8RwXTS0mGmowrqb1xRvIM6nYvNP5NurL7O988gwQ\npZFrJwzGftnqQurTARGPTFtIkm6gSJNXH2Fr+amO8CPTTvkvH2Rt1VMHbsnI8/N0\nTDsKs4ohYYQfUPp+F/hT6EPpSURMOGa0zsaYV5oZnvVnxSPn80HBhXBNBOA0Dh7Z\nwqXCiAm1L65zB8HIe9fHxTRMFc7cnVOqnCDDSrfu3yRvj6HcGqjX899e9SDklW6R\npupvRhJeZW3a9XoH5oMzYcfdQKFmTwhGr39TMCfdTbNEyGQmEtJiqLegddBYGuDm\n1KOys4cTuamhoXo8NoQN/p9oVzCBqVasv1fER01fX+DoN3lWUVL9Xalqzv1KZd8w\ncJB9VJL2cfWg7/DI8ZcSk/IlzEenglB578Kg5vTCgcCMpYbjzkJGXbWD49Z/jZ2p\nxp0RtKLOIW0cdzETxwIpiL0vfeyJ3Ri8KKisZskBmvmog/+GSyaCeNsFMU9gziRx\nXfvdzd9P0dC9FfSigm/uQ2FHSWaVASwZ4MKg7zozsDHrAHZPdwfelmyB4cntOaYU\nIQ7YMDs41bCU+CBwPLNc54Y9gC+HbfBehM3Zt8Xf4CiQ7/1yK0pttiLaQQ==\n-----END CERTIFICATE-----\n", + "key": "-----BEGIN PRIVATE KEY-----\nMIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQD48qS/ml/a0OoI\n6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPP\nhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlN\nJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOS\niD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+u\nAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h\n5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+\nWdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTa\nqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+De\nuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB\n3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxP\nK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABAoICAQCEecL3/zOBIulXwzY1idT7\nlb+kAq/SkY2c5rtOaDoeLRBiFnpZYwPm4T9ZMENkaHpF03UDT4Qi+bx+00UCPk3f\nVopS2FN+0VHQ2v6i+LhjnmOlUETf+FcIwOXOdABGHjcX7PKGFRxMCW6TMf5ZCwY/\nyVMkiuK/AI5s1GFpcMhHwdY0whGUHSgpwhwA10yh9TMJ5K9xgWHTG6fag0ueenky\nDv+HJwTpWfiynlTTRNwIl/S4QSip5FUM2IWf3uHrYr3ZxcBc+kuNroHDjJyGiYLs\n5KAmYrdGBIRBlP7kuJsZloVNcO8MnCSLiL/9jVXhJ6vPchwTi9YPdcpU97K6byei\nLWlrtwRd1tLzgH3bBkJ+BhAzKiCwd8jYaBuAK3jFK7r9mjy1niBAbLhsbc6KZrK9\nRQUegurjmpyoi5k2WyApgWs3cMCXje/0vuDPvMwv3+vWXsrlL8dGwsTsMaLrwbxX\nE6KXYz9uO1wL+Jy4cOp2WOGle1cCHrewEYB/VGs0TBTNSz8O6ebR9g4ucFwnFq/7\nd9mRRDef5+hF7vwaeG3FGDgXJcqf99TFpj1rXukIrVxhjVX+hNvegn4UhZ/FJWum\nEtP5MOs+hzq3+bgAlSyeaNqqPmM6r+R7Zl/OrB3PXmdrYStTP3NRTq3hrBIGDeVz\nqaRH8eBwAFPud0A6hPv0AQKCAQEA/9yTXvaugYTk0uvVckwBQoFgzaRIJXV5tpui\nKsY1Pxn6OfsKqTVvfW73yYErwglDK3rGrLY5jDk69BSywdhW9vQl/q290xMJyGeb\n3EsYEdlSvP//npgM7UJVVyfV6bhUY3CiMt1pjyFkdriiKh5kEXB+wT96oyxHRzLP\ng224DS2NGOfkW9VMLzTtJ/W8bfO2QG9FULnEgaSbWRzLgKaz3CH1DQOXKiJdBCBm\nVbprVt7hz7K3a4B8xuANddt4YnUfiYod0LabMClt/7yE/dGw/fX7UyHKzrxPAVt5\nBE9PaW7a8UUtp+i/oi6aqibw2JBMxeGgNse+owFVCMDYTKc65QKCAQEA+RUcVBEp\nhFdnqCf9Zzc8mWwVpOGh9dIqXS7fJ7wUpFSKieaiBEdZNi8771jn3OGzyMgpB66D\nuY/GCm7wL0RAeek3CjaxAPazgbj5tlt4b7NeiDY7diIcOM3nZR5z2yb2eAPR1f2Q\nW/luLdD2m5FZQxV0kiDXZrmbjv7bE8Pn9uGn4tRdQTL0+2kTSywbEs2r6IZefePL\nIbuzx2SQTe6cA/Zhgg3hfS+5ZJbmUQvqLWc+NMr4WdUXQ4TYXjV7fZyc8YaQ9cZj\nIzD5sPtA7Y96fVUx4oRJGhdCqcqxqFJSGz5QzrIDBqT4lzLFh4Xr9KWUe88XfICM\nvY7rKtTUogKfAQKCAQAfKpAs/iFtl3GEG8QJQybYIghXpE5BedjUnIqZaUFtKU3o\nqCK5T8//2HeIbRqWbShocHEo8p157jK3LppDsIWPWVgTeLhpsKT9a1l58Q/ChNVm\nPky11dGlSPI6Rpjw+koVPtATIBNOowOozn66YK9RzIE0KvZWT/tyuca7PK8xs72/\nLegMI6Q/D9RfjLhiMFCf8q3f0nEUVaeyqCZFyoiYJO7Dog9Uy5DHAudUQ/v1PfsF\noMBk8ObCFuKs24oDfD7WMyPEm6m1qSZEA4Ozo0pK9R6jFresjRWWlbzdAIgs0JsM\nzp9sF5bYO5MNbObjilg/tmccpSIcmvnvsgXm+GvdAoIBAQCEPz0nNWWBqpaSpYjZ\ngG5gVw622EWRquBrUTOSeT3MckaMKTPkaa1oI3QDBIU2tW8rL3r5ZSLzJu7TI0vL\nDMXe9IAQoDEifdmZCokq1S4AwI90arbvZfTuBATTn3OL7Af4eK60m0hGTQy+rrAA\nsQ9fmsilvWIgXHPHXHEc8Wr7nZvxxycsMs33njZsNyK4vRKFBrKszIFRi8NMHoyv\nk/yp7eqfjpcmTGx2h9gJN/ZB3QseJJXvvD/5zVLD0kmay8hYREY69/Yy/RHVcdFr\nUD6MxOsThYD6pVbzp3bkE7EcXd2xoLoSkQyb2o0eA3DgF/naMn4Z0HbpPjSGLTIo\nQpQBAoIBAF8VekmSHpdQ83n5e+qh11niQqAMgUGTx+ysZLJpBOd7mCXF2x1CTj5X\n1G1QKK35H5Pfk12n7qQ+Kokqxs4l1oD31EIkpWbKVW4KUkWIaA5QAWSwjfKb+WyP\npHyCA0O+67JBqSeJa5+VIVaxtpXCDKc6L3Vp+dkx0zzcb0jFTcyIQWGea3JtB29Z\nvsOs4wVJtWTr0yiwhOS0rq/jnhjEcdfUWqvkt6nZ5djGIi7WP6biT3DTriV+1TSP\nlD5H04K2KGKYeYJeQoeGicOKBU77fmth/IlceEv3HiIrNaP1/xHZSGjdCbhPi8q8\nK/noZDwAYuMSlWygyJgv+nGkI4P1BV4=\n-----END PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:42+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:cert": {}, + "f:key": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:42+00:00" + } + ], + "name": "test-cluster-ca-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "092210cd-012b-4880-8be0-31892909c652" + }, + "string_data": null, + "type": "Opaque" + }, + "test-cluster-keystore": { + "api_version": null, + "data": { + "node-keystore.jks": "/u3+7QAAAAIAAAACAAAAAQAhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjAAABjeborQAAAAmHMIIJgzAOBgorBgEEASoCEQEBBQAEgglv9f5XKDWJsPMHaGZN9azx/zCVpVkEHO1IR+xJaay0NjuPlDn3Ffjy7zqOyTV/s+xIFNJJKokZPeJl4QGfxG1Odb8CCgVFnO9Msugy3DbrIDaIAmH0d4Sl9MyTxuGJxLX0ZhCqlBwwYjHIG3W1r+sQ1nz1nyjErTwmmbkF5Mgnqqt4YE9Zvyn2eTakG1FNXX+8M3c8wZyzrgKModYK+n5DPu70UkM9OSzWCA6tFige34NGkbCKm04Adjix6OP6xkAzG+KOrF7Pd7dVRUsdaRbEXsgq1sjzI0DCqo2RnTQc0O3FuzoP1rxywO2wSS8UYs/bX7CZXivnaoIVmPDuzzboiGUgpIiTMjOyzGDWkecIc7XU+aDJWEsKh2Ws98qflPMkU5DxQmtG1SQAjmNsz2irBJSnjOQf/4iEu/QA0GjL/4CAKukX2U8GbbAxYjVW0n/aH6fLHLWkmViqVFjkOX7wBV3bU7CU1cSBGz8Vqo27lgBQpHgKURnvxV9wIYHdLOD6ZOPAIfEErQpqkHApQSt1RhtQV/eI4BXig+z2B+XAY/re41wrwEkgAxklFg/5pK2T9ZnIxxB9py9kaBbg+WSc7acVuFAhI7IdTXNb4kVxNdEV0rxwCP1zZOZn3dClq1MtwiZB9/t+oAGfT5K2kxpRPTAck8NRKxQvsNgFrIqjLe6zJgTWKGUWe9Y1PWvBz5P6+gCv76SGUg7cm85HmhLJBIpElORGIK5O7GcrCqseZDqi/SsoW/e2m3+VWQRjPPexslcVnRVkIN+djPp22UVyAh1ebd1YlgioIVMkvCyuYKgQlV48VvfkPhY/iNtfy8+dH0mwVT1eHw6C6Dt89Cp5XOYNesBcAqOdIZmPNfWZyQa2BwnT8TjQeV6ojxx5WB2fMMruXDLTB0a9vTH5Wd041dJNm64KbtJCGsa9zsm6zePvvU0/K6FxBYAqTGAlzzju5M3oUh0MPgcAKptRbAlPl3C2b3yS5ydnfFX6UKu78ph46XP9MiGw6Rti+YOK5QQOTPzcPvaLsu27LMdYR9nO9epZDHoD1HfLNci3TVBQY/1AbyCArpAz6lgvCPZ9o+JuI890X/mH4LDRO2+1DwTaPb/QcaV9bng9Lw0pcdnbUezIR/xFIW+58tmg+gqe8EaplRa7yaGVitDhTQF2Kq2wl9dqTVzgDGqNcuBCpT6BAAQKv9jeMb3KCqXFwzGPJLCzsN26vz/R5GnSIADSsnxWf1egqr1wKdSG9BnFkoIuC55PvEMVrUKKpVbT0Jmk8/8F3umhSUGh/MNtUN4eqClm8VhZovXpj+bRvY4RQ+NtVStA7HhdO7Tj7lDY9pVlKKnRkEok2h/2r1WE0H/aSFxzU2v4xyy3hEDGMXga9CTIxTGHDEUwDC3SEHzCIYIyL3zur5dFM5W2RYAggNwWyXIn7z6ux0M72tpkdCLNCBH86qE1fnAoqRaj/ZWl54WU9qQqEcKeZjy8yF4CSdtSuVOdvYI/AU8py2lRYUDUl+hSemPUTpv2SYRhqGxCw39Db8mUoLZjKs2/wANf/uV5JWj7hif9T8w1AwxHUXTgu+IurmmWCuqBkEXiuekpNpNi/SMxhmyE/0OOXAGGViKa8ionEPek1GFXGSTnEg28IMakDxn1sw0b7pbMBazq2MGI3z8GbUvTmKA+qAK7dSjCIN/UyEBVt88FJOGZFngAEHJtf/YgYgN2OiMqwvrEpR6vjOAAwrdpgSl2rR2UOSG6XA7204qr8lM6oabNUC1Dj9OtrCjHtE4RFwlb+aOK8XHkxDKievVBI453h8tjcAiEQpm4qVFP9WyiHvpJ+Z4QTp9GfQP6etYC2b0u/UtUgrhTWgceAk9SrfYdNaOxLdHCKKXernC42MZar6fLNa2Dicm9x4ElI1p44x/pgrgQsvz0IbtpHgradj/D+e+3awJnYVRYnayH5JkWlow9gi3/hUEq5Eat577z5PlFrEEwq2CMPNNzzV2bsfJjBs/7oHsv7VEZYF+OJ97mEMDftgfGts1gkeG4HyA4dAmA8sxIsfT2ukLtGLvqUtafQSRqHwOWPfVznU7ddi9ApbIty9VjJ/NUKicr01M7E5Ba8CXcKixrwRDjR+cvn3fzcFtAewIjK1z60LLD47q+2gBNtz78O2gi/oqKJOtw3mGWSsFLAOmGgzDf9EO32atVQZw1uNceC2+beP9CsI/26bxH0/U3zxXLuYrdDGxEwSgRY+CWRAMyz7czva2QVMUXfVq1gTEz0ZauZfdaGEizDexoFM+sXH52ZGjXeI+jhQGIjPtdJ5cTCgzcOpwjoHDFXxHzVH5QBk3TJOnB6B1X7PtcrmgexOq0IL7g7qQ5zZlgpwc9Dm6Rbe0Iqo+N6XN8QR78qdrht5/PJs94RzwjuHyHYBbzFASBogR52Cemg+/NkHfb3Ct63roTJyzjdzT+Tk6jQXXSdvvffVcAnOTDkTC1v/TaHTrbT10P5frX0n9UZ9XFbdfQG6ad64px8DbLKs9b4utbvyB3CrE5UGrEyFIWc2FnN+OqAMj2f5RkxEoelwRlIKZZDDFIUbLnz4RZ6feZ5VW9Of/YddGOH4KkMiELY4Ufw5xl//7v53MoKB4NU/LVCxF+m7CdKCsNEYZ3hGzrlpeh54EB1VkiG2Y5t6gy2UCcGCWJSbdi9/sHsWkANt3yPpz0J4FIUtnF17xFWMYSt528Xn6bIpQaIEmLZzM+6c7QaOzISMWKmtosuUdH0xK5F3T/4EoHVZnDEOnsHc0qvY0gfyxkxPq0TWFM2dGDzbk6EZwXLV0wiYa+sZO4JYvRPpzrjER7W4xgPgrGbJHXml9EsbXTXILV8A2ywtoOFDt9Fws8deZrQWuNwhMcp70/Uh1RMhZIyIuJ9WJZV80YSzdr2K8C7pVDPfimhTZ9fMgstMe/vQanfMIDgFA332j4X3XUuCRq/hAJ9+mzyt+RqVt+BKlhsbUmKkc34FZNGy8nAN7dLawLdJ/yFPavH6NKWuAO9GajgavBlFyRIlICDwf5zhKOKqDXLjzS+1lDRktwWQHWLQ3P5NuO9U4uLTvFu9z4PvKwqmoXc95BGHc5c8NgkQsb4EMv7T9Ln+fd2ztI6s+/VAlGbvlk9i9KQjjKJtDCMX90AFOQ9f3HlltDj6ATn3wKipwTu2APB77oZYG7SuZtEkhpTBT+ORJXktkrnZrIUMptVWsI7z+ipZa7ko4ASoRNAAAAAgAEWDUwOQAABd0wggXZMIIDwaADAgECAhAMLNdBce6CO4Xx9KDqtCYPMA0GCSqGSIb3DQEBCwUAMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwHhcNMjQwMjI2MTkzMzQyWhcNMjUwMjI1MTkzMzQyWjBgMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRhc3RheDEqMCgGA1UEAxMhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtmr114IYH9WN6qSrBjSIuP3XP2m4vxpLw4Sl7u8bV19BeidSTiWYGa73fqAQ4uYSKfHWHrOdmy0s3C3A8FM1C7O3Z22yHIVlBVeBA2zN0Gl/E7m9+/qsviT5PwolT53MoqfOIQPV7BWsSdBe2QBJQmHsCj6dfPoWWqUab16dkq9mYLzBeANvu01R3YyJrKPk/Sg4s3kPryOcrH2B6si384ZnVCkupDp+S98rOotw5pW9wzpFGX4/Z1X8uq6o0FTVdL+K9y1i+ZroUaYbRDpwTc6lTVUN5CHCjFXuyavBYy1Rb9ugSehhBOCVtZkXNzln6RGVrG9Ae77vfaZlaK2vM4rDSC9oOQ67IYAQBvjuwea5zpR4NloJ29hgStjClHrXqzt6YjKEiC/JJB7E+S+ebqVw+1yEF5XhQ0mPo4prPA5eC7XWmarNTABvDYdid/95CwN263bLSQwjAWe9IM0M7sKg/9M6ibkBR6prc7CkaFSyiKdBKUSivwpCdnmpCdaQNjpgTEKMx28iJKQuK0jZZtfN/FiaVIuCIVU/1sgQpgX5RcG6V/Op0zeduoR+AryXYnAGCVQPYlZJ4hVKGiSvf6kXGtOLOOtsWebGVgjOANpdZqu97Jb8tW9xT5Ao7SiuXoY6oa4nneB9zQoG/YcgGfuuxz+jX6uMjRP1JAifF3sCAwEAAaOBhTCBgjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSooaaZVk47wdd2FUf/qySFww8kpTAsBgNVHREEJTAjgiF0ZXN0LWNsdXN0ZXIuY2Fzcy1vcGVyYXRvci5jYXNzZGMwDQYJKoZIhvcNAQELBQADggIBAF5sL8ARkf7L5VIZY0J4LInw3Ete126ljRPIF7MfuRJfzWyqrzeCNIdMKkW58OzVjJ8dhOFhf8wCZTJbrNmIvnOYo0CJgPq6Ko5Ie9o6BthSx9S8BgoFFO6F89FPOPjAMf9rUMHJef/E5uPC4WaxfTlkxzbbxuyZe2do2RtXkY5MmkQka4hqpptb4uc13ZtDqc9lP9fehB5dSplIyVbTc8JH/CSZnj9E6gSYKQSUgZAWtLPHduB+SDxLJ1Rz6iQiJrrjiy7RXgkRYzyDZGejh9lUh7F+kE9+9k9r8/8tBjbIFo91kZTcm5wxdZhhXQmIiGWaOFacaqJ+TVhR+vwWc/VRVghmzMe0Xp1tmXOqsZE6H7P8sAdpkWou82/nhlPf/nq4VPy2JtR63cmFHM03RlUDviSsdJhN/yINdxXNV8iqfvsVzzuXZ8OHF/1lV61+iMZkz6HAeh07Ojk4zLpOJzOn756BfOjilUVkWx2pDMHsObW/YhW1wckbjyIuBtqqAnSHl68AUjojyhwJoQr2erZtSKSL96T6naDJFJaSjYvxDg748hyLXx2sc1dwU3hXzoqiQyrBedviY6kqZuv4eKxFas0nBvctmiDO/fTV0sB8PXOMryHDdYQgQKnKmECOj/clALF+r48a3i89vLN6VcsC2QHgrPQZauZqi87ArHVkAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kEAAAACAAJjYQAAAY3m6K0AAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kERsiTgKA05ZI/7bOerd7z0t94fLg==" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:node-keystore.jks": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:44+00:00" + } + ], + "name": "test-cluster-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "709ecc89-6979-4106-9453-c2705d2de5f3" + }, + "string_data": null, + "type": "Opaque" + }, + "webhook-server-cert": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA1OjQWHoDgc+PQpwrcJHxa7IP8aji7Vb6SoIi06e3KAbHicna\ncaHqSg2jSqo3JfXc6vXJKUazRY8KmGzqOagf8/OJ6b6KhGc3RBUQste/pYjy6s1u\n0uh6cuxnIqusrZJf1MGdjDduOGpRsjeCb/9sifvV+Te0dn9ldiMoNs/VyI5kMSTq\nHNvCmwvcuE1xzc9WMaYPndVvkYSL7Um1puhY/W66RfOeJD40iLCyOddQ5izumi13\nJooinfsG7r79n7m7rN997KkGymiHhzT2aQqD36eeJYDnBvHjfrDaX/a3ICczQ/GS\ndEO+RBUpHS2e9cGS3IWMRokYSBE4SmgJCR7PAwIDAQABAoIBAEW0MwHEcIF/Qpe8\nKTyhiziHA1FKyYCKiUb7dAt3TS99iLZDr5CkQeActukq8QMsizchYMpyqx6Kxh1B\nCy31LQDhKrWr/A18/Ur82oqyt7uqKl1VBINoOS6G1v0y10W8NkOhX8MYIq21oSmH\notyn8xD5sgP1iM+CxeT3faL0SDlwS8ZhgyDeU0YzW8BsXwID8HQHjL/O2U+kst2d\nhdieDLl/6wuoqrq6rw33aSrfE2VWNWculaZ7MMq0DAOkoih4SAhSXjUc0bDXxXS8\nDZC0pGHJXeb62yr420qoq0XJbzLDFA2VOMLd9AEh977MxHSaCTRZA65vY6EicZQA\napYc0wECgYEA4VlZ8AJvA8V6tnz9RpnGzIj/scEDUu0JspM8w614dKvd1bH3ySsA\nbvWVKFfMFZhJ98FvniX2oVLuohYguJYjeO6w3CG8qEmka6PxUBwWVUQXrFcqGvM2\n/MnY8n0Cx6O3MwAtvxLq4hQrtoawmhbPHjc4q8TfiwkLeYBjV/yRftkCgYEA8d5Q\n4H5wtHi1lqDGudOXr1zEI1vSxEXQ6oFfLsyHTyJDJDOIpEDD2/92g45Ujw7GM2TQ\n+cbp5aMwAzQNfxs3YFNX+trT2jxPZHjp5ejlCkJwEUz+Yj9mENqYQ7qdx3ElqKH1\nxDPVDjbnbsK5Tik54Rj1665L/Cd4EDo+viS1SzsCgYAkFWifU+Ru2CpEGlN8AJei\nnLVEw0FDAA2zeHwcYSSOmg6Vbz/cCHSzT8OoiBZ3xsDhWSoEStPpFRx8+8oVhIT9\nkkrjlMterxwS2FeFmlnBIXwg7nwhgJxncfK5MWdGjGKDWh35IJBXzx8IxRx2L/zO\nO81pQ8b/vl0GAZbmudyaUQKBgQCinveB+YGN1htBy5fSGZJDNfwqSfLMRKTTB2kX\n7iyL6F18WanlxiXqJTlp+qigBy78Hyziw/s/ixkdDkKE06fH/EGLSNZoRWScCTA6\nhPx6iXEQMNRY+oeFjXQTFcY/8rN/TmYQJUl65S92KTaudsmTr1SpwecVAvSW9JJ7\nBfNfQQKBgBlQtuzoL63QXunf2MS9+gLbWejrJpD1gtFcx220aYmo4I5iWylQWuIz\nZPUEbqzhO1bSclQUvkMnNDRZas2w1HGbIhbeqhVKAN+vk4xo/kqStdAkLoyByMVv\nGAUehndHgd6d72Sg/PT4prhWAtVrpriQ6i0pP6l6GY7bmX+CO9R6\n-----END RSA PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cert-manager.io/alt-names": "cass-operator-webhook-service.cass-operator.svc,cass-operator-webhook-service.cass-operator.svc.cluster.local", + "cert-manager.io/certificate-name": "cass-operator-serving-cert", + "cert-manager.io/common-name": "", + "cert-manager.io/ip-sans": "", + "cert-manager.io/issuer-group": "", + "cert-manager.io/issuer-kind": "Issuer", + "cert-manager.io/issuer-name": "cass-operator-selfsigned-issuer", + "cert-manager.io/uri-sans": "" + }, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:ca.crt": {}, + "f:tls.crt": {}, + "f:tls.key": {} + }, + "f:metadata": { + "f:annotations": { + "f:cert-manager.io/alt-names": {}, + "f:cert-manager.io/certificate-name": {}, + "f:cert-manager.io/common-name": {}, + "f:cert-manager.io/ip-sans": {}, + "f:cert-manager.io/issuer-group": {}, + "f:cert-manager.io/issuer-kind": {}, + "f:cert-manager.io/issuer-name": {}, + "f:cert-manager.io/uri-sans": {} + } + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "webhook-server-cert", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1001", + "self_link": null, + "uid": "095a3203-e6c8-49d3-bfc0-05dfd4d04e3c" + }, + "string_data": null, + "type": "kubernetes.io/tls" + } + }, + "endpoints": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1121", + "self_link": null, + "uid": "e405ae61-fa76-478c-9ccf-bf8396a4c870" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1110", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "port": 9443, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "ACTOKEY": "ACTOKEY", + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:ACTOKEY": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:37:15+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2205", + "self_link": null, + "uid": "7cc8c8ac-fd3e-4931-a465-36e3fd454685" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1976", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": null + } + ] + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1968", + "self_link": null, + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "cluster1-test-cluster-default-sts-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1966", + "self_link": null, + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tls-native", + "port": 9142, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "thrift", + "port": 9160, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "cass-operator-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + }, + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "738", + "self_link": null, + "uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "default-token-85zgl", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + } + }, + "job": {}, + "role": { + "cass-operator-leader-election-role": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-role", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "8885366c-484d-40df-8586-c27476d9a5f3" + }, + "rules": [ + { + "api_groups": [ + "", + "coordination.k8s.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "configmaps", + "leases" + ], + "verbs": [ + "get", + "list", + "watch", + "create", + "update", + "patch", + "delete" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "events" + ], + "verbs": [ + "create", + "patch" + ] + } + ] + } + }, + "role_binding": { + "cass-operator-leader-election-rolebinding": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-rolebinding", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "957", + "self_link": null, + "uid": "86e9c8c8-1f9e-4033-897c-e2133a6aee61" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "cass-operator-leader-election-role" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator" + } + ] + } + }, + "custom_resource_spec": { + "additionalServiceConfig": { + "additionalSeedService": {}, + "allpodsService": {}, + "dcService": {}, + "nodePortService": {}, + "seedService": { + "additionalLabels": { + "ACTOKEY": "ACTOKEY" + } + } + }, + "clusterName": "cluster1", + "config": { + "cassandra-yaml": { + "authenticator": "org.apache.cassandra.auth.PasswordAuthenticator", + "authorizer": "org.apache.cassandra.auth.CassandraAuthorizer", + "role_manager": "org.apache.cassandra.auth.CassandraRoleManager" + }, + "jvm-options": { + "initial_heap_size": "800M", + "max_heap_size": "800M" + } + }, + "configBuilderResources": {}, + "managementApiAuth": { + "insecure": {} + }, + "resources": {}, + "serverType": "cassandra", + "serverVersion": "3.11.7", + "size": 3, + "storageConfig": { + "cassandraDataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "3Gi" + } + }, + "storageClassName": "server-storage" + } + }, + "systemLoggerResources": {} + }, + "custom_resource_status": { + "cassandraOperatorProgress": "Ready", + "conditions": [ + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Stopped" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ReplacingNodes" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Updating" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "RollingRestart" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Resuming" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ScalingDown" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Valid" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Initialized" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Ready" + } + ], + "lastServerNodeStarted": "2024-02-26T19:35:24Z", + "nodeStatuses": { + "cluster1-test-cluster-default-sts-0": { + "hostID": "0279ff8f-464f-44ab-87ec-5e61a4ebab0e" + }, + "cluster1-test-cluster-default-sts-1": { + "hostID": "767e4881-4f9f-4375-a503-8f1496778265" + }, + "cluster1-test-cluster-default-sts-2": { + "hostID": "6488f37a-d640-490b-b66a-3afa7d021101" + } + }, + "observedGeneration": 2, + "quietPeriod": "2024-02-26T19:37:20Z", + "superUserUpserted": "2024-02-26T19:37:15Z", + "usersUpserted": "2024-02-26T19:37:15Z" + } +} diff --git a/docs/alarm_examples/true_alarm/system-state-002.json b/docs/alarm_examples/true_alarm/system-state-002.json new file mode 100644 index 0000000000..49eaa87b2f --- /dev/null +++ b/docs/alarm_examples/true_alarm/system-state-002.json @@ -0,0 +1,8501 @@ +{ + "pod": { + "cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-0" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:08+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.1.4\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1581", + "self_link": null, + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-0", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-bv8fr", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker2", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-0", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-bv8fr", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:34:23+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:33+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://6781899841b23cd996e6d3e8f3eb7e420b19c55a85ee722533b37956f1569510", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://b440f9849e6af66780de051ba270a0aad909c4cd5c45cc27b8ff658c4729a85b", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:52+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.3", + "init_container_statuses": [ + { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://8783e2ce5d431ff462c90cbe98e5c045aa3c63bb42625771dc5b4e7545fdef16", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:49+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.1.4", + "pod_i_ps": [ + { + "ip": "10.244.1.4" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:33+00:00" + } + }, + "cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.2.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1976", + "self_link": null, + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-1", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-5qwsl", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-1", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-5qwsl", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e27a1c201fa1ecb46b015512bae5ba8f2be69fe6b44c7fd88f737e19adc75e21", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://d2138e6ad02d0ba6a187f65720347f0c8bc4cb0642a0e91d5ac1ea571ecbf725", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.5", + "init_container_statuses": [ + { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://fbc9b2c3d327d1ca5c482158e10098ace29b54eb27a353bd3cb9098170956407", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:52+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.2.5", + "pod_i_ps": [ + { + "ip": "10.244.2.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + }, + "cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cluster1-test-cluster-default-sts-", + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Started", + "cassandra.datastax.com/rack": "default", + "cassandra.datastax.com/seed-node": "true", + "controller-revision-hash": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "statefulset.kubernetes.io/pod-name": "cluster1-test-cluster-default-sts-2" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {}, + "f:controller-revision-hash": {}, + "f:statefulset.kubernetes.io/pod-name": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"f34321ea-cb8c-422e-8e25-043ede05be43\"}": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:hostname": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:subdomain": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-data\"}": { + ".": {}, + "f:name": {}, + "f:persistentVolumeClaim": { + ".": {}, + "f:claimName": {} + } + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:initContainerStatuses": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.5\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:35:24+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/seed-node": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:35:24+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "StatefulSet", + "name": "cluster1-test-cluster-default-sts", + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + } + ], + "resource_version": "1793", + "self_link": null, + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": "cluster1-test-cluster-default-sts-2", + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-7nwkq", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": "cluster1-test-cluster-all-pods-service", + "termination_grace_period_seconds": 120, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-data", + "nfs": null, + "persistent_volume_claim": { + "claim_name": "server-data-cluster1-test-cluster-default-sts-2", + "read_only": null + }, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-7nwkq", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:35:24+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:34+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://e7179b2542c9da5c579c4e790603e3c5e03996376593edaf03a3c352c35f8f43", + "image": "docker.io/k8ssandra/cass-management-api:3.11.7", + "image_id": "docker.io/library/import-2024-02-26@sha256:3c740a7979c8fdbade5e4a289fd9bd2518bddafb76c7135fff09fb049b91ec77", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "cassandra", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:53+00:00" + }, + "terminated": null, + "waiting": null + } + }, + { + "container_id": "containerd://bd3f0cf4edfd75dd626a28f884a35e447f2e5d07442d11eda98bc78348f602b1", + "image": "docker.io/k8ssandra/system-logger:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:d7125862ace61780e73a267eb69aafd40aefe5f9aa4fa37c82728488d36afe34", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-system-logger", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:33:54+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": [ + { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "image": "docker.io/datastax/cass-config-builder:1.0.4-ubi7", + "image_id": "docker.io/library/import-2024-02-26@sha256:a2fd99198174a7e97d77e9146e5bc9aa096444b5f3ca71aba30c410661f4fec1", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "server-config-init", + "ready": true, + "restart_count": 0, + "started": null, + "state": { + "running": null, + "terminated": { + "container_id": "containerd://edeb7ccb8c3a582f61982cbcd7f3df8496980a8744ba802cd51cf709e5e44290", + "exit_code": 0, + "finished_at": "2024-02-26T19:33:53+00:00", + "message": null, + "reason": "Completed", + "signal": null, + "started_at": "2024-02-26T19:33:50+00:00" + }, + "waiting": null + } + } + ], + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.5", + "pod_i_ps": [ + { + "ip": "10.244.3.5" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:33:34+00:00" + } + } + }, + "deployment_pods": { + "cass-operator-controller-manager": [ + { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:59+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": "cass-operator-controller-manager-7f9b66678b-", + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator", + "pod-template-hash": "7f9b66678b" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:generateName": {}, + "f:labels": { + ".": {}, + "f:acto/tag": {}, + "f:control-plane": {}, + "f:name": {}, + "f:pod-template-hash": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"e38b5d98-937b-4f7a-9830-ede14d9e8f42\"}": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + ".": {}, + "f:allowPrivilegeEscalation": {} + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:enableServiceLinks": {}, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:runAsNonRoot": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + ".": {}, + "f:defaultMode": {}, + "f:name": {} + }, + "f:name": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + "k:{\"type\":\"ContainersReady\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Initialized\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Ready\"}": { + ".": {}, + "f:lastProbeTime": {}, + "f:lastTransitionTime": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:containerStatuses": {}, + "f:hostIP": {}, + "f:phase": {}, + "f:podIP": {}, + "f:podIPs": { + ".": {}, + "k:{\"ip\":\"10.244.3.3\"}": { + ".": {}, + "f:ip": {} + } + }, + "f:startTime": {} + } + }, + "manager": "Go-http-client", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "apps/v1", + "block_owner_deletion": true, + "controller": true, + "kind": "ReplicaSet", + "name": "cass-operator-controller-manager-7f9b66678b", + "uid": "e38b5d98-937b-4f7a-9830-ede14d9e8f42" + } + ], + "resource_version": "1110", + "self_link": null, + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/run/secrets/kubernetes.io/serviceaccount", + "mount_propagation": null, + "name": "kube-api-access-9c9ht", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": true, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": "acto-0-cluster-0-worker3", + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": "PreemptLowerPriority", + "priority": 0, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": [ + { + "effect": "NoExecute", + "key": "node.kubernetes.io/not-ready", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + }, + { + "effect": "NoExecute", + "key": "node.kubernetes.io/unreachable", + "operator": "Exists", + "toleration_seconds": 300, + "value": null + } + ], + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "kube-api-access-9c9ht", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": { + "default_mode": 420, + "sources": [ + { + "config_map": null, + "downward_api": null, + "secret": null, + "service_account_token": { + "audience": null, + "expiration_seconds": 3607, + "path": "token" + } + }, + { + "config_map": { + "items": [ + { + "key": "ca.crt", + "mode": null, + "path": "ca.crt" + } + ], + "name": "kube-root-ca.crt", + "optional": null + }, + "downward_api": null, + "secret": null, + "service_account_token": null + }, + { + "config_map": null, + "downward_api": { + "items": [ + { + "field_ref": { + "api_version": "v1", + "field_path": "metadata.namespace" + }, + "mode": null, + "path": "namespace", + "resource_field_ref": null + } + ] + }, + "secret": null, + "service_account_token": null + } + ] + }, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + }, + "status": { + "conditions": [ + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Initialized" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "Ready" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:33:09+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "ContainersReady" + }, + { + "last_probe_time": null, + "last_transition_time": "2024-02-26T19:32:59+00:00", + "message": null, + "reason": null, + "status": "True", + "type": "PodScheduled" + } + ], + "container_statuses": [ + { + "container_id": "containerd://22e35e1d8763c8d751ade2fb980f5ea7bbd5bf2d62396406e3dc2e5823f6a795", + "image": "docker.io/k8ssandra/cass-operator:v1.10.3", + "image_id": "docker.io/library/import-2024-02-26@sha256:f49a4c207c57d255a49829936c0742362c29e184f8ba7f103f33552cfbf52376", + "last_state": { + "running": null, + "terminated": null, + "waiting": null + }, + "name": "manager", + "ready": true, + "restart_count": 0, + "started": true, + "state": { + "running": { + "started_at": "2024-02-26T19:32:59+00:00" + }, + "terminated": null, + "waiting": null + } + } + ], + "ephemeral_container_statuses": null, + "host_ip": "172.18.0.2", + "init_container_statuses": null, + "message": null, + "nominated_node_name": null, + "phase": "Running", + "pod_ip": "10.244.3.3", + "pod_i_ps": [ + { + "ip": "10.244.3.3" + } + ], + "qos_class": "Burstable", + "reason": null, + "start_time": "2024-02-26T19:32:59+00:00" + } + } + ] + }, + "daemonset_pods": {}, + "stateful_set": { + "cluster1-test-cluster-default-sts": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "lAD4DISuzU5/CLRvW5A/cZHk0E5jbMdJJWVB9+Ul1rE=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:podManagementPolicy": {}, + "f:replicas": {}, + "f:revisionHistoryLimit": {}, + "f:selector": {}, + "f:serviceName": {}, + "f:template": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/node-state": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:affinity": { + ".": {}, + "f:podAntiAffinity": { + ".": {}, + "f:requiredDuringSchedulingIgnoredDuringExecution": {} + } + }, + "f:containers": { + "k:{\"name\":\"cassandra\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"DSE_AUTO_CONF_OFF\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_MGMT_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DS_LICENSE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"MGMT_API_EXPLICIT_START\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_MGMT_API\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:lifecycle": { + ".": {}, + "f:preStop": { + ".": {}, + "f:exec": { + ".": {}, + "f:command": {} + } + } + }, + "f:livenessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:name": {}, + "f:ports": { + ".": {}, + "k:{\"containerPort\":7000,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7001,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":7199,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + }, + "k:{\"containerPort\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + ".": {}, + "f:failureThreshold": {}, + "f:httpGet": { + ".": {}, + "f:path": {}, + "f:port": {}, + "f:scheme": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {}, + "f:successThreshold": {}, + "f:timeoutSeconds": {} + }, + "f:resources": {}, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/etc/encryption/\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/lib/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + }, + "k:{\"name\":\"server-system-logger\"}": { + ".": {}, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/var/log/cassandra\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:dnsPolicy": {}, + "f:initContainers": { + ".": {}, + "k:{\"name\":\"server-config-init\"}": { + ".": {}, + "f:env": { + ".": {}, + "k:{\"name\":\"CONFIG_FILE_DATA\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"DSE_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"HOST_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"POD_IP\"}": { + ".": {}, + "f:name": {}, + "f:valueFrom": { + ".": {}, + "f:fieldRef": {} + } + }, + "k:{\"name\":\"PRODUCT_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"PRODUCT_VERSION\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"RACK_NAME\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + }, + "k:{\"name\":\"USE_HOST_IP_FOR_BROADCAST\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:name": {}, + "f:resources": { + ".": {}, + "f:limits": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + ".": {}, + "f:cpu": {}, + "f:memory": {} + } + }, + "f:terminationMessagePath": {}, + "f:terminationMessagePolicy": {}, + "f:volumeMounts": { + ".": {}, + "k:{\"mountPath\":\"/config\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + } + } + } + }, + "f:restartPolicy": {}, + "f:schedulerName": {}, + "f:securityContext": { + ".": {}, + "f:fsGroup": {}, + "f:runAsGroup": {}, + "f:runAsUser": {} + }, + "f:serviceAccount": {}, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + ".": {}, + "k:{\"name\":\"encryption-cred-storage\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + ".": {}, + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"server-config\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + }, + "k:{\"name\":\"server-logs\"}": { + ".": {}, + "f:emptyDir": {}, + "f:name": {} + } + } + } + }, + "f:updateStrategy": { + "f:rollingUpdate": { + ".": {}, + "f:partition": {} + }, + "f:type": {} + }, + "f:volumeClaimTemplates": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:availableReplicas": {}, + "f:collisionCount": {}, + "f:currentReplicas": {}, + "f:currentRevision": {}, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updateRevision": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-default-sts", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1970", + "self_link": null, + "uid": "f34321ea-cb8c-422e-8e25-043ede05be43" + }, + "spec": { + "min_ready_seconds": null, + "ordinals": null, + "persistent_volume_claim_retention_policy": null, + "pod_management_policy": "Parallel", + "replicas": 3, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + } + }, + "service_name": "cluster1-test-cluster-all-pods-service", + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/node-state": "Ready-to-Start", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": { + "node_affinity": null, + "pod_affinity": null, + "pod_anti_affinity": { + "preferred_during_scheduling_ignored_during_execution": null, + "required_during_scheduling_ignored_during_execution": [ + { + "label_selector": { + "match_expressions": [ + { + "key": "cassandra.datastax.com/cluster", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/datacenter", + "operator": "Exists", + "values": null + }, + { + "key": "cassandra.datastax.com/rack", + "operator": "Exists", + "values": null + } + ], + "match_labels": null + }, + "namespace_selector": null, + "namespaces": null, + "topology_key": "kubernetes.io/hostname" + } + ] + } + }, + "automount_service_account_token": null, + "containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "DS_LICENSE", + "value": "accept", + "value_from": null + }, + { + "name": "DSE_AUTO_CONF_OFF", + "value": "all", + "value_from": null + }, + { + "name": "USE_MGMT_API", + "value": "true", + "value_from": null + }, + { + "name": "MGMT_API_EXPLICIT_START", + "value": "true", + "value_from": null + }, + { + "name": "DSE_MGMT_EXPLICIT_START", + "value": "true", + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-management-api:3.11.7", + "image_pull_policy": "IfNotPresent", + "lifecycle": { + "post_start": null, + "pre_stop": { + "_exec": { + "command": [ + "wget", + "--output-document", + "/dev/null", + "--no-check-certificate", + "--post-data=''", + "http://localhost:8080/api/v0/ops/node/drain" + ] + }, + "http_get": null, + "tcp_socket": null + } + }, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/liveness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 15, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "cassandra", + "ports": [ + { + "container_port": 9042, + "host_ip": null, + "host_port": null, + "name": "native", + "protocol": "TCP" + }, + { + "container_port": 9142, + "host_ip": null, + "host_port": null, + "name": "tls-native", + "protocol": "TCP" + }, + { + "container_port": 7000, + "host_ip": null, + "host_port": null, + "name": "internode", + "protocol": "TCP" + }, + { + "container_port": 7001, + "host_ip": null, + "host_port": null, + "name": "tls-internode", + "protocol": "TCP" + }, + { + "container_port": 7199, + "host_ip": null, + "host_port": null, + "name": "jmx", + "protocol": "TCP" + }, + { + "container_port": 8080, + "host_ip": null, + "host_port": null, + "name": "mgmt-api-http", + "protocol": "TCP" + }, + { + "container_port": 9103, + "host_ip": null, + "host_port": null, + "name": "prometheus", + "protocol": "TCP" + }, + { + "container_port": 9160, + "host_ip": null, + "host_port": null, + "name": "thrift", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/api/v0/probes/readiness", + "port": 8080, + "scheme": "HTTP" + }, + "initial_delay_seconds": 20, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": null, + "requests": null + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/var/lib/cassandra", + "mount_propagation": null, + "name": "server-data", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/etc/encryption/", + "mount_propagation": null, + "name": "encryption-cred-storage", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + }, + { + "args": null, + "command": null, + "env": null, + "env_from": null, + "image": "k8ssandra/system-logger:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-system-logger", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "100m", + "memory": "64M" + }, + "requests": { + "cpu": "100m", + "memory": "64M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/var/log/cassandra", + "mount_propagation": null, + "name": "server-logs", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": [ + { + "args": null, + "command": null, + "env": [ + { + "name": "POD_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.podIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "HOST_IP", + "value": null, + "value_from": { + "config_map_key_ref": null, + "field_ref": { + "api_version": "v1", + "field_path": "status.hostIP" + }, + "resource_field_ref": null, + "secret_key_ref": null + } + }, + { + "name": "USE_HOST_IP_FOR_BROADCAST", + "value": "false", + "value_from": null + }, + { + "name": "RACK_NAME", + "value": "default", + "value_from": null + }, + { + "name": "PRODUCT_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "PRODUCT_NAME", + "value": "cassandra", + "value_from": null + }, + { + "name": "DSE_VERSION", + "value": "3.11.7", + "value_from": null + }, + { + "name": "CONFIG_FILE_DATA", + "value": "{\"cassandra-yaml\":{\"authenticator\":\"org.apache.cassandra.auth.PasswordAuthenticator\",\"authorizer\":\"org.apache.cassandra.auth.CassandraAuthorizer\",\"role_manager\":\"org.apache.cassandra.auth.CassandraRoleManager\"},\"cluster-info\":{\"name\":\"cluster1\",\"seeds\":\"cluster1-seed-service,cluster1-test-cluster-additional-seed-service\"},\"datacenter-info\":{\"graph-enabled\":0,\"name\":\"test-cluster\",\"solr-enabled\":0,\"spark-enabled\":0},\"jvm-options\":{\"initial_heap_size\":\"800M\",\"max_heap_size\":\"800M\"}}", + "value_from": null + } + ], + "env_from": null, + "image": "datastax/cass-config-builder:1.0.4-ubi7", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": null, + "name": "server-config-init", + "ports": null, + "readiness_probe": null, + "resources": { + "claims": null, + "limits": { + "cpu": "1", + "memory": "256M" + }, + "requests": { + "cpu": "1", + "memory": "256M" + } + }, + "security_context": null, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/config", + "mount_propagation": null, + "name": "server-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": 999, + "fs_group_change_policy": null, + "run_as_group": 999, + "run_as_non_root": null, + "run_as_user": 999, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "default", + "service_account_name": "default", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 120, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": { + "medium": null, + "size_limit": null + }, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "server-logs", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "encryption-cred-storage", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "test-cluster-keystore" + }, + "storageos": null, + "vsphere_volume": null + } + ] + } + }, + "update_strategy": { + "rolling_update": { + "max_unavailable": null, + "partition": 0 + }, + "type": "RollingUpdate" + }, + "volume_claim_templates": [ + { + "api_version": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": null, + "name": "server-data", + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": null + }, + "status": { + "access_modes": null, + "allocated_resources": null, + "capacity": null, + "conditions": null, + "phase": "Pending", + "resize_status": null + } + } + ] + }, + "status": { + "available_replicas": 3, + "collision_count": 0, + "conditions": null, + "current_replicas": 3, + "current_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "observed_generation": 1, + "ready_replicas": 3, + "replicas": 3, + "update_revision": "cluster1-test-cluster-default-sts-5d8d5c84f4", + "updated_replicas": 3 + } + } + }, + "deployment": { + "cass-operator-controller-manager": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "deployment.kubernetes.io/revision": "2" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 2, + "labels": { + "acto/tag": "operator-deployment", + "control-plane": "controller-manager" + }, + "managed_fields": [ + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:control-plane": {} + } + }, + "f:spec": { + "f:replicas": {}, + "f:selector": {}, + "f:template": { + "f:metadata": { + "f:labels": { + "f:control-plane": {}, + "f:name": {} + } + }, + "f:spec": { + "f:containers": { + "k:{\"name\":\"manager\"}": { + ".": {}, + "f:args": {}, + "f:command": {}, + "f:env": { + "k:{\"name\":\"WATCH_NAMESPACE\"}": { + ".": {}, + "f:name": {}, + "f:value": {} + } + }, + "f:image": {}, + "f:imagePullPolicy": {}, + "f:livenessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:name": {}, + "f:ports": { + "k:{\"containerPort\":9443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:containerPort": {}, + "f:name": {}, + "f:protocol": {} + } + }, + "f:readinessProbe": { + "f:httpGet": { + "f:path": {}, + "f:port": {} + }, + "f:initialDelaySeconds": {}, + "f:periodSeconds": {} + }, + "f:resources": { + "f:limits": { + "f:cpu": {}, + "f:memory": {} + }, + "f:requests": { + "f:cpu": {}, + "f:memory": {} + } + }, + "f:securityContext": { + "f:allowPrivilegeEscalation": {} + }, + "f:volumeMounts": { + "k:{\"mountPath\":\"/configs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {} + }, + "k:{\"mountPath\":\"/tmp/k8s-webhook-server/serving-certs\"}": { + ".": {}, + "f:mountPath": {}, + "f:name": {}, + "f:readOnly": {} + } + } + } + }, + "f:securityContext": { + "f:runAsNonRoot": {} + }, + "f:serviceAccountName": {}, + "f:terminationGracePeriodSeconds": {}, + "f:volumes": { + "k:{\"name\":\"cert\"}": { + ".": {}, + "f:name": {}, + "f:secret": { + "f:defaultMode": {}, + "f:secretName": {} + } + }, + "k:{\"name\":\"manager-config\"}": { + ".": {}, + "f:configMap": { + "f:name": {} + }, + "f:name": {} + } + } + } + } + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + }, + "f:spec": { + "f:template": { + "f:metadata": { + "f:labels": { + "f:acto/tag": {} + } + } + } + } + }, + "manager": "OpenAPI-Generator", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:59+00:00" + }, + { + "api_version": "apps/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:deployment.kubernetes.io/revision": {} + } + }, + "f:status": { + "f:availableReplicas": {}, + "f:conditions": { + ".": {}, + "k:{\"type\":\"Available\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"Progressing\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:lastUpdateTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:observedGeneration": {}, + "f:readyReplicas": {}, + "f:replicas": {}, + "f:updatedReplicas": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1124", + "self_link": null, + "uid": "df3d20c7-d213-4071-8f88-541e84b55bd6" + }, + "spec": { + "min_ready_seconds": null, + "paused": null, + "progress_deadline_seconds": 600, + "replicas": 1, + "revision_history_limit": 10, + "selector": { + "match_expressions": null, + "match_labels": { + "control-plane": "controller-manager", + "name": "cass-operator" + } + }, + "strategy": { + "rolling_update": { + "max_surge": "25%", + "max_unavailable": "25%" + }, + "type": "RollingUpdate" + }, + "template": { + "metadata": { + "annotations": null, + "creation_timestamp": null, + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "acto/tag": "operator-pod", + "control-plane": "controller-manager", + "name": "cass-operator" + }, + "managed_fields": null, + "name": null, + "namespace": null, + "owner_references": null, + "resource_version": null, + "self_link": null, + "uid": null + }, + "spec": { + "active_deadline_seconds": null, + "affinity": null, + "automount_service_account_token": null, + "containers": [ + { + "args": [ + "--config=/configs/controller_manager_config.yaml" + ], + "command": [ + "/manager" + ], + "env": [ + { + "name": "WATCH_NAMESPACE", + "value": null, + "value_from": null + } + ], + "env_from": null, + "image": "k8ssandra/cass-operator:v1.10.3", + "image_pull_policy": "IfNotPresent", + "lifecycle": null, + "liveness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/healthz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 15, + "period_seconds": 20, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "name": "manager", + "ports": [ + { + "container_port": 9443, + "host_ip": null, + "host_port": null, + "name": "webhook-server", + "protocol": "TCP" + } + ], + "readiness_probe": { + "_exec": null, + "failure_threshold": 3, + "grpc": null, + "http_get": { + "host": null, + "http_headers": null, + "path": "/readyz", + "port": 8081, + "scheme": "HTTP" + }, + "initial_delay_seconds": 5, + "period_seconds": 10, + "success_threshold": 1, + "tcp_socket": null, + "termination_grace_period_seconds": null, + "timeout_seconds": 1 + }, + "resources": { + "claims": null, + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "20Mi" + } + }, + "security_context": { + "allow_privilege_escalation": false, + "capabilities": null, + "privileged": null, + "proc_mount": null, + "read_only_root_filesystem": null, + "run_as_group": null, + "run_as_non_root": null, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "windows_options": null + }, + "startup_probe": null, + "stdin": null, + "stdin_once": null, + "termination_message_path": "/dev/termination-log", + "termination_message_policy": "File", + "tty": null, + "volume_devices": null, + "volume_mounts": [ + { + "mount_path": "/tmp/k8s-webhook-server/serving-certs", + "mount_propagation": null, + "name": "cert", + "read_only": true, + "sub_path": null, + "sub_path_expr": null + }, + { + "mount_path": "/configs", + "mount_propagation": null, + "name": "manager-config", + "read_only": null, + "sub_path": null, + "sub_path_expr": null + } + ], + "working_dir": null + } + ], + "dns_config": null, + "dns_policy": "ClusterFirst", + "enable_service_links": null, + "ephemeral_containers": null, + "host_aliases": null, + "host_ipc": null, + "host_network": null, + "host_pid": null, + "host_users": null, + "hostname": null, + "image_pull_secrets": null, + "init_containers": null, + "node_name": null, + "node_selector": null, + "os": null, + "overhead": null, + "preemption_policy": null, + "priority": null, + "priority_class_name": null, + "readiness_gates": null, + "resource_claims": null, + "restart_policy": "Always", + "runtime_class_name": null, + "scheduler_name": "default-scheduler", + "scheduling_gates": null, + "security_context": { + "fs_group": null, + "fs_group_change_policy": null, + "run_as_group": null, + "run_as_non_root": true, + "run_as_user": null, + "se_linux_options": null, + "seccomp_profile": null, + "supplemental_groups": null, + "sysctls": null, + "windows_options": null + }, + "service_account": "cass-operator-controller-manager", + "service_account_name": "cass-operator-controller-manager", + "set_hostname_as_fqdn": null, + "share_process_namespace": null, + "subdomain": null, + "termination_grace_period_seconds": 10, + "tolerations": null, + "topology_spread_constraints": null, + "volumes": [ + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": null, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "cert", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": { + "default_mode": 420, + "items": null, + "optional": null, + "secret_name": "webhook-server-cert" + }, + "storageos": null, + "vsphere_volume": null + }, + { + "aws_elastic_block_store": null, + "azure_disk": null, + "azure_file": null, + "cephfs": null, + "cinder": null, + "config_map": { + "default_mode": 420, + "items": null, + "name": "cass-operator-manager-config", + "optional": null + }, + "csi": null, + "downward_api": null, + "empty_dir": null, + "ephemeral": null, + "fc": null, + "flex_volume": null, + "flocker": null, + "gce_persistent_disk": null, + "git_repo": null, + "glusterfs": null, + "host_path": null, + "iscsi": null, + "name": "manager-config", + "nfs": null, + "persistent_volume_claim": null, + "photon_persistent_disk": null, + "portworx_volume": null, + "projected": null, + "quobyte": null, + "rbd": null, + "scale_io": null, + "secret": null, + "storageos": null, + "vsphere_volume": null + } + ] + } + } + }, + "status": { + "available_replicas": 1, + "collision_count": null, + "conditions": [ + { + "last_transition_time": "2024-02-26T19:32:59+00:00", + "last_update_time": "2024-02-26T19:32:59+00:00", + "message": "Deployment has minimum availability.", + "reason": "MinimumReplicasAvailable", + "status": "True", + "type": "Available" + }, + { + "last_transition_time": "2024-02-26T19:32:48+00:00", + "last_update_time": "2024-02-26T19:33:09+00:00", + "message": "ReplicaSet \"cass-operator-controller-manager-7f9b66678b\" has successfully progressed.", + "reason": "NewReplicaSetAvailable", + "status": "True", + "type": "Progressing" + } + ], + "observed_generation": 2, + "ready_replicas": 1, + "replicas": 1, + "unavailable_replicas": null, + "updated_replicas": 1 + } + } + }, + "daemon_set": {}, + "config_map": { + "b569adb7.cassandra.datastax.com": { + "api_version": null, + "binary_data": null, + "data": null, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "control-plane.alpha.kubernetes.io/leader": "{\"holderIdentity\":\"cass-operator-controller-manager-7f9b66678b-z6j64_6c9b4450-3b5f-46e2-b713-650dfa0b8f7f\",\"leaseDurationSeconds\":15,\"acquireTime\":\"2024-02-26T19:33:24Z\",\"renewTime\":\"2024-02-26T19:39:16Z\",\"leaderTransitions\":1}" + }, + "creation_timestamp": "2024-02-26T19:32:50+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:control-plane.alpha.kubernetes.io/leader": {} + } + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:50+00:00" + } + ], + "name": "b569adb7.cassandra.datastax.com", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2612", + "self_link": null, + "uid": "addfb43f-462e-43d9-8c36-adfb859f3c69" + } + }, + "cass-operator-manager-config": { + "api_version": null, + "binary_data": null, + "data": { + "controller_manager_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: OperatorConfig\nmetadata:\n name: operator-config\nhealth:\n healthProbeBindAddress: :8081\nmetrics:\n bindAddress: 127.0.0.1:8080\nwebhook:\n port: 9443\nleaderElection:\n leaderElect: true\n resourceName: b569adb7.cassandra.datastax.com\ndisableWebhooks: false\nimageConfigFile: /configs/image_config.yaml\n", + "image_config.yaml": "apiVersion: config.k8ssandra.io/v1beta1\nkind: ImageConfig\nmetadata:\n name: image-config\nimages:\n system-logger: \"k8ssandra/system-logger:v1.10.3\"\n config-builder: \"datastax/cass-config-builder:1.0.4-ubi7\"\n # cassandra:\n # \"4.0.0\": \"k8ssandra/cassandra-ubi:latest\"\n # dse:\n # \"6.8.999\": \"datastax/dse-server-prototype:latest\"\n# imageRegistry: \"localhost:5000\"\n# imagePullPolicy: IfNotPresent\n# imagePullSecret:\n# name: my-secret-pull-registry\ndefaults:\n # Note, postfix is ignored if repository is not set\n cassandra:\n repository: \"k8ssandra/cass-management-api\"\n dse:\n repository: \"datastax/dse-server\"\n suffix: \"-ubi7\"\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:controller_manager_config.yaml": {}, + "f:image_config.yaml": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-manager-config", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "961", + "self_link": null, + "uid": "73e2ba7c-3170-4578-a873-ada31f5f89bd" + } + }, + "kube-root-ca.crt": { + "api_version": null, + "binary_data": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/description": "Contains a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters." + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/description": {} + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "kube-root-ca.crt", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "736", + "self_link": null, + "uid": "1d6934a6-c272-4b0d-971b-7b0d46c820f2" + } + } + }, + "service": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:spec": { + "f:ports": { + "k:{\"port\":443,\"protocol\":\"TCP\"}": { + ".": {}, + "f:port": {}, + "f:targetPort": {} + } + }, + "f:selector": {} + } + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "963", + "self_link": null, + "uid": "beeeef70-d867-461d-a10a-75213fde5788" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "10.96.2.224", + "cluster_i_ps": [ + "10.96.2.224" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "node_port": null, + "port": 443, + "protocol": "TCP", + "target_port": 9443 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "control-plane": "controller-manager" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "1uQq3KjBiQ6WSYWu9LR5c1HXTd2WMvTi7kggXePHlks=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "ACTOKEY": "ACTOKEY", + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:ACTOKEY": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:37:15+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "2415", + "self_link": null, + "uid": "00b0d2fa-310d-439b-b427-39b249a2177b" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/seed-node": "true" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-additional-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "08fmY5i8j4N9Ih3XJefcPdJzIhMSZRLxdHMt09popds=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:publishNotReadyAddresses": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-additional-seed-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1197", + "self_link": null, + "uid": "13e486e8-b4af-4e5d-8069-8627f88868ea" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4", + "IPv6" + ], + "ip_family_policy": "RequireDualStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": null, + "publish_not_ready_addresses": true, + "selector": null, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "KfxzJFWkJsi0aVju584rMKEgw1NQw25q/4PPXeWb4mw=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:publishNotReadyAddresses": {}, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1193", + "self_link": null, + "uid": "358ff370-5a9c-409a-8ad4-6cb19ee410a9" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + } + ], + "publish_not_ready_addresses": true, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "veMcfmIxEezVk0s29xOumZv+nuuRE+2udQuOxKrwNAs=" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:clusterIP": {}, + "f:internalTrafficPolicy": {}, + "f:ports": { + ".": {}, + "k:{\"port\":8080,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9042,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9103,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9142,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + }, + "k:{\"port\":9160,\"protocol\":\"TCP\"}": { + ".": {}, + "f:name": {}, + "f:port": {}, + "f:protocol": {}, + "f:targetPort": {} + } + }, + "f:selector": {}, + "f:sessionAffinity": {}, + "f:type": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1190", + "self_link": null, + "uid": "f7afd0c2-64c1-442a-88c2-f903a0e22824" + }, + "spec": { + "allocate_load_balancer_node_ports": null, + "cluster_ip": "None", + "cluster_i_ps": [ + "None" + ], + "external_i_ps": null, + "external_name": null, + "external_traffic_policy": null, + "health_check_node_port": null, + "internal_traffic_policy": "Cluster", + "ip_families": [ + "IPv4" + ], + "ip_family_policy": "SingleStack", + "load_balancer_class": null, + "load_balancer_ip": null, + "load_balancer_source_ranges": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "node_port": null, + "port": 9042, + "protocol": "TCP", + "target_port": 9042 + }, + { + "app_protocol": null, + "name": "tls-native", + "node_port": null, + "port": 9142, + "protocol": "TCP", + "target_port": 9142 + }, + { + "app_protocol": null, + "name": "mgmt-api", + "node_port": null, + "port": 8080, + "protocol": "TCP", + "target_port": 8080 + }, + { + "app_protocol": null, + "name": "prometheus", + "node_port": null, + "port": 9103, + "protocol": "TCP", + "target_port": 9103 + }, + { + "app_protocol": null, + "name": "thrift", + "node_port": null, + "port": 9160, + "protocol": "TCP", + "target_port": 9160 + } + ], + "publish_not_ready_addresses": null, + "selector": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "session_affinity": "None", + "session_affinity_config": null, + "type": "ClusterIP" + }, + "status": { + "conditions": null, + "load_balancer": { + "ingress": null + } + } + } + }, + "pvc": { + "server-data-cluster1-test-cluster-default-sts-0": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker2", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:32+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:32+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1283", + "self_link": null, + "uid": "b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-b78a30f1-4bf6-43d3-9df5-d10275907d6f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-1": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1301", + "self_link": null, + "uid": "5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-5921cc87-b65e-4389-9c27-bfd4674f40dc" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + }, + "server-data-cluster1-test-cluster-default-sts-2": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "pv.kubernetes.io/bind-completed": "yes", + "pv.kubernetes.io/bound-by-controller": "yes", + "volume.beta.kubernetes.io/storage-provisioner": "rancher.io/local-path", + "volume.kubernetes.io/selected-node": "acto-0-cluster-0-worker3", + "volume.kubernetes.io/storage-provisioner": "rancher.io/local-path" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": [ + "kubernetes.io/pvc-protection" + ], + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/rack": "default" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:volume.kubernetes.io/selected-node": {} + } + } + }, + "manager": "kube-scheduler", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:30+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + "f:pv.kubernetes.io/bind-completed": {}, + "f:pv.kubernetes.io/bound-by-controller": {}, + "f:volume.beta.kubernetes.io/storage-provisioner": {}, + "f:volume.kubernetes.io/storage-provisioner": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/rack": {} + } + }, + "f:spec": { + "f:accessModes": {}, + "f:resources": { + "f:requests": { + ".": {}, + "f:storage": {} + } + }, + "f:storageClassName": {}, + "f:volumeMode": {}, + "f:volumeName": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:33+00:00" + }, + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:accessModes": {}, + "f:capacity": { + ".": {}, + "f:storage": {} + }, + "f:phase": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:33:33+00:00" + } + ], + "name": "server-data-cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1309", + "self_link": null, + "uid": "46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "spec": { + "access_modes": [ + "ReadWriteOnce" + ], + "data_source": null, + "data_source_ref": null, + "resources": { + "claims": null, + "limits": null, + "requests": { + "storage": "3Gi" + } + }, + "selector": null, + "storage_class_name": "server-storage", + "volume_mode": "Filesystem", + "volume_name": "pvc-46c1b026-ace4-4bb1-83b7-39b6f5a2cb7f" + }, + "status": { + "access_modes": [ + "ReadWriteOnce" + ], + "allocated_resources": null, + "capacity": { + "storage": "3Gi" + }, + "conditions": null, + "phase": "Bound", + "resize_status": null + } + } + }, + "cronjob": {}, + "ingress": {}, + "network_policy": {}, + "pod_disruption_budget": { + "test-cluster-pdb": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/resource-hash": "N5O7i+zXqVMtvfYRMnksAOtwD64XnXhWx4ZtrExoAfU=" + }, + "creation_timestamp": "2024-02-26T19:36:14+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": 1, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + }, + "managed_fields": [ + { + "api_version": "policy/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"DisruptionAllowed\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:observedGeneration": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + }, + "f:currentHealthy": {}, + "f:desiredHealthy": {}, + "f:disruptionsAllowed": {}, + "f:expectedPods": {}, + "f:observedGeneration": {} + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": "status", + "time": "2024-02-26T19:36:14+00:00" + }, + { + "api_version": "policy/v1beta1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/resource-hash": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {} + }, + "f:ownerReferences": { + ".": {}, + "k:{\"uid\":\"9b81ee5e-f473-4cc4-8eba-88b9581a973d\"}": {} + } + }, + "f:spec": { + "f:minAvailable": {}, + "f:selector": {} + } + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "test-cluster-pdb", + "namespace": "cass-operator", + "owner_references": [ + { + "api_version": "cassandra.datastax.com/v1beta1", + "block_owner_deletion": true, + "controller": true, + "kind": "CassandraDatacenter", + "name": "test-cluster", + "uid": "9b81ee5e-f473-4cc4-8eba-88b9581a973d" + } + ], + "resource_version": "1980", + "self_link": null, + "uid": "d836002c-7c09-488a-b295-d5a972973ee4" + }, + "spec": { + "max_unavailable": null, + "min_available": 2, + "selector": { + "match_expressions": null, + "match_labels": { + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster" + } + }, + "unhealthy_pod_eviction_policy": null + }, + "status": { + "conditions": [ + { + "last_transition_time": "2024-02-26T19:36:14+00:00", + "message": "", + "observed_generation": 1, + "reason": "SufficientPods", + "status": "True", + "type": "DisruptionAllowed" + } + ], + "current_healthy": 3, + "desired_healthy": 2, + "disrupted_pods": null, + "disruptions_allowed": 1, + "expected_pods": 3, + "observed_generation": 1 + } + } + }, + "secret": { + "cass-operator-controller-manager-token-78j4l": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyLXRva2VuLTc4ajRsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNhc3Mtb3BlcmF0b3ItY29udHJvbGxlci1tYW5hZ2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTYyOGVjNjUtMjM1Zi00ZGI4LTk4MjgtYWI4MDQ5ZTBhZjkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmNhc3Mtb3BlcmF0b3I6Y2Fzcy1vcGVyYXRvci1jb250cm9sbGVyLW1hbmFnZXIifQ.MXOf_QvpwuQk88mZTM2c8BVZ3x-KieQiLN2Rx9Rss1cj6jYjH320QPtBRe1qZ5S4Dkkz4eUg3lHrX-rj4q_0UHz-SH8vKeXMyX8dxkwZHcS00PAEtCIlgKC-WzAPqnaKdY4duHZUnA2mK2Bd-ewwiOdFLO8hf7bR11JXdpj0t9T3SZrw8WnHCMPmAdgaF8dM_QDhU2n9vKlyh5-6J8-g6mM-ebtGOP26j4x76P6hECgtxD3xOzVIzV_rWRaxHT2Bl3IPTZ_rK8RtU9Vovz0YVWbr65EHDXSBs5oxeId4iVZywCN_4BMJ1zL36S-Gc6Bm5mMtWyiyXrK7fXN8sMTCiw" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "cass-operator-controller-manager", + "kubernetes.io/service-account.uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "954", + "self_link": null, + "uid": "fc2c5c76-6bf8-4dd5-858e-15718ab80648" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "cluster1-superuser": { + "api_version": null, + "data": { + "password": "lgA50wzRdKTOoZjU2DbbqiTljvOlrKE2CUxGcTMi4CsjCQ5KfcM0Dg", + "username": "cluster1-superuser" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cassandra.datastax.com/watched-by": "[\"cass-operator/test-cluster\"]" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/watched": "true" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:password": {}, + "f:username": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:cassandra.datastax.com/watched-by": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/watched": {} + } + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:36:14+00:00" + } + ], + "name": "cluster1-superuser", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1979", + "self_link": null, + "uid": "d70fb378-1971-4597-836f-222a7c423688" + }, + "string_data": null, + "type": "Opaque" + }, + "default-token-85zgl": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIC/jCCAeagAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl\ncm5ldGVzMB4XDTI0MDIyNjE5MzEyNVoXDTM0MDIyMzE5MzEyNVowFTETMBEGA1UE\nAxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmH\nFaWb2Wjn7HoSYrErkc76xYf8Iz5XjB4005cdOSVc8bovTzFpQwmV7B09zUpq6nOq\nTNk86Zfrth8KyS1crMrlNhOkOZYeGPT2L8NMO9V/XrgaRv8cEWZjeMRpWlNdwVtJ\nrK+CQF/e4vMbv17zjT5DeSXJtYpY87TWY69RH4cJFnD93Y1BUSfPbSbtaAXLdH03\nPVTtFWm6H8NFzf+bw1hN1W+62DOWjZ7YbR3aJqyyle26Qz35VocYnRo705lZKPwO\nt5XnwmnIE6sMwngJutGipU8/v/OG8SsvoOgfLU8sSeuatXV6q/UzvAv0x0X7b6BH\nvEPkLge3JISAylxOu+0CAwEAAaNZMFcwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB\n/wQFMAMBAf8wHQYDVR0OBBYEFBn5yq8hFn3wVwtApoqJ9eQF1zPpMBUGA1UdEQQO\nMAyCCmt1YmVybmV0ZXMwDQYJKoZIhvcNAQELBQADggEBABrIGLIeWKkQrHtRF/lJ\nUqLBDKSkOOdHlAXfYJNM3LgYEoNBV1hvt5Pte95QKpflyLBEqiaIeq1Qpw4OfH3x\nj1xsNULGk6Xjce8/UpG4xSfsJ7xntFzg22pEZKuAF1FGOOfZh5orla6UHk8Bg5+b\nXZeJzUGJSKfjVhlxf72udWFzvJdcG/sEUkvyX5Mlrph8tUyOpY/6LRAmDBrfokBk\nEA8DQjsL0IaIOoHP2eMVqIws8Biyptn6q047jjayTjn2ITN3Cd2yj9qGwlBaO6rE\nrtqStZSE+M7MNHsY4ha/Jgarg3VzafqRXCA2QVuc8iqke0v1ntnOzZz2RUmLY5UA\nGyM=\n-----END CERTIFICATE-----\n", + "namespace": "cass-operator", + "token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Inh4RE1zTEVXZVFPYU9hV2FoYi05em80SnZ0WExGeHJ2blN4NHlEa2V4NTgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjYXNzLW9wZXJhdG9yIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4tODV6Z2wiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImIzZmRlMDk1LTc4NDctNDI3Ny05ZDY4LTFiNmMyOGZhM2Q3MSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpjYXNzLW9wZXJhdG9yOmRlZmF1bHQifQ.oDBiilLn6TaBtuduVklCDCNa0UIM_qwI-y5GEvoM_kgUDugNiJj8x5elLWbS1BklUEiLIYPGdDZyQWnEtuJO9kNAEqKQrtIlYxKy3T1uaG_JZ0tFkUa3yXAisNYZnnX4ZYjFDCycUtVP8TiF2ZV0iR900tLL2TWM7jEnacKkIOviL2zqiBTD5v3d33aj9KXQwGMT1IMGDKX4x1VIySiDRHUS03ogGaPijilw45v0lWN18BI3vRtMSwuQIsaE8knoVKavm4AurK80rVP6Tm-CHNqWTiOnZ56lM11lnDVDsT2agXjO52MYV0TQkYVKgdq0YgUYf2rbBxpvQ4tTNqTS_A" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "kubernetes.io/service-account.name": "default", + "kubernetes.io/service-account.uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:ca.crt": {}, + "f:namespace": {}, + "f:token": {} + }, + "f:metadata": { + "f:annotations": { + ".": {}, + "f:kubernetes.io/service-account.name": {}, + "f:kubernetes.io/service-account.uid": {} + } + }, + "f:type": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:32:27+00:00" + } + ], + "name": "default-token-85zgl", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "737", + "self_link": null, + "uid": "4f46c8c1-ec8e-454c-b261-48c03c463f85" + }, + "string_data": null, + "type": "kubernetes.io/service-account-token" + }, + "test-cluster-ca-keystore": { + "api_version": null, + "data": { + "cert": "-----BEGIN CERTIFICATE-----\nMIIF9zCCA9+gAwIBAgIQX1+/mcEfMJBDyRV8seUWAjANBgkqhkiG9w0BAQsFADBp\nMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRh\nc3RheDEzMDEGA1UEAxMqdGVzdC1jbHVzdGVyLWNhLWtleXN0b3JlLmNhc3Mtb3Bl\ncmF0b3Iuc3ZjMB4XDTI0MDIyNjE5MzMzMFoXDTI1MDIyNTE5MzMzMFowaTEyMDAG\nA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgx\nMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9y\nLnN2YzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPjypL+aX9rQ6gjq\nWkdsYubR8oVk3VcL4rb4zO0BttU0yia0mB+iBYx0Sjc2YBeTpP6j2J3THbmtU8+F\nh6Q9Gmp0egJiElSNyzVZcLaReCi+2P9rYrWgqz9L8QzLB2hOBhQ3Tn/iL4fkiU0l\nP+veI/HutmzYXQhe0gWdMtip5rVmOxwupN53dhupOAW4cOB05cBEim23mmG2g5KI\nPZ1Qog2FytOWLgcVLX5QyRUwkSWmPDzaFA/c4BHzpF0y4B9Gf/pjkUvAYF2uD64C\nZL/dxk5++9DlH7lD8Df5If3lne6scxlKLes4b1aevgD2yJNSEQnFBdzPGh6jXmHk\npaWQbMY8Wzbc+3HWUIfYvq9YMQXTZkn9A+lF8fTnOeY5gbpmYy/0Za9e1T+YdP5Z\n2dI9nPi6kWciiIkT9bOL4/cvFYFZqMoqbmoiXW0X5ns7dajeto63RT/SDos0FNqp\nwVylcsEesQM3nPAWgP2H4L5cOYt0ODAY/HTQ4gX942SzeS9+0ptGCdx7pyzn4N65\nXtZbTf/Nqn0ZWwy5aAe2j2PA1/XUUJ7VI5X9VbH71bkStmMwBwSkijkeLeIws4He\n36Mwm5ZQSPond4GMQi7Rvhw1Viu0jrW+R+3VzvYZqW/ucUhY8K/vQh4jWjtIDE8r\nyxOxe1UeqThK2hVQC/7V7quKBXXlAgMBAAGjgZowgZcwDgYDVR0PAQH/BAQDAgKk\nMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE\nFKihpplWTjvB13YVR/+rJIXDDySlMEAGA1UdEQQ5MDeCNWNhc3NhbmRyYWRhdGFj\nZW50ZXItd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjMA0GCSqGSIb3\nDQEBCwUAA4ICAQB5mrJBCJW1YzHSfe7h4OHvbqJViIcEDfhdz43+4tRheS1+t6Lp\n78LAT7ExsVzbe7de+qJgQVaG8RwXTS0mGmowrqb1xRvIM6nYvNP5NurL7O988gwQ\npZFrJwzGftnqQurTARGPTFtIkm6gSJNXH2Fr+amO8CPTTvkvH2Rt1VMHbsnI8/N0\nTDsKs4ohYYQfUPp+F/hT6EPpSURMOGa0zsaYV5oZnvVnxSPn80HBhXBNBOA0Dh7Z\nwqXCiAm1L65zB8HIe9fHxTRMFc7cnVOqnCDDSrfu3yRvj6HcGqjX899e9SDklW6R\npupvRhJeZW3a9XoH5oMzYcfdQKFmTwhGr39TMCfdTbNEyGQmEtJiqLegddBYGuDm\n1KOys4cTuamhoXo8NoQN/p9oVzCBqVasv1fER01fX+DoN3lWUVL9Xalqzv1KZd8w\ncJB9VJL2cfWg7/DI8ZcSk/IlzEenglB578Kg5vTCgcCMpYbjzkJGXbWD49Z/jZ2p\nxp0RtKLOIW0cdzETxwIpiL0vfeyJ3Ri8KKisZskBmvmog/+GSyaCeNsFMU9gziRx\nXfvdzd9P0dC9FfSigm/uQ2FHSWaVASwZ4MKg7zozsDHrAHZPdwfelmyB4cntOaYU\nIQ7YMDs41bCU+CBwPLNc54Y9gC+HbfBehM3Zt8Xf4CiQ7/1yK0pttiLaQQ==\n-----END CERTIFICATE-----\n", + "key": "-----BEGIN PRIVATE KEY-----\nMIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQD48qS/ml/a0OoI\n6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPP\nhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlN\nJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOS\niD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+u\nAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h\n5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+\nWdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTa\nqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+De\nuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB\n3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxP\nK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABAoICAQCEecL3/zOBIulXwzY1idT7\nlb+kAq/SkY2c5rtOaDoeLRBiFnpZYwPm4T9ZMENkaHpF03UDT4Qi+bx+00UCPk3f\nVopS2FN+0VHQ2v6i+LhjnmOlUETf+FcIwOXOdABGHjcX7PKGFRxMCW6TMf5ZCwY/\nyVMkiuK/AI5s1GFpcMhHwdY0whGUHSgpwhwA10yh9TMJ5K9xgWHTG6fag0ueenky\nDv+HJwTpWfiynlTTRNwIl/S4QSip5FUM2IWf3uHrYr3ZxcBc+kuNroHDjJyGiYLs\n5KAmYrdGBIRBlP7kuJsZloVNcO8MnCSLiL/9jVXhJ6vPchwTi9YPdcpU97K6byei\nLWlrtwRd1tLzgH3bBkJ+BhAzKiCwd8jYaBuAK3jFK7r9mjy1niBAbLhsbc6KZrK9\nRQUegurjmpyoi5k2WyApgWs3cMCXje/0vuDPvMwv3+vWXsrlL8dGwsTsMaLrwbxX\nE6KXYz9uO1wL+Jy4cOp2WOGle1cCHrewEYB/VGs0TBTNSz8O6ebR9g4ucFwnFq/7\nd9mRRDef5+hF7vwaeG3FGDgXJcqf99TFpj1rXukIrVxhjVX+hNvegn4UhZ/FJWum\nEtP5MOs+hzq3+bgAlSyeaNqqPmM6r+R7Zl/OrB3PXmdrYStTP3NRTq3hrBIGDeVz\nqaRH8eBwAFPud0A6hPv0AQKCAQEA/9yTXvaugYTk0uvVckwBQoFgzaRIJXV5tpui\nKsY1Pxn6OfsKqTVvfW73yYErwglDK3rGrLY5jDk69BSywdhW9vQl/q290xMJyGeb\n3EsYEdlSvP//npgM7UJVVyfV6bhUY3CiMt1pjyFkdriiKh5kEXB+wT96oyxHRzLP\ng224DS2NGOfkW9VMLzTtJ/W8bfO2QG9FULnEgaSbWRzLgKaz3CH1DQOXKiJdBCBm\nVbprVt7hz7K3a4B8xuANddt4YnUfiYod0LabMClt/7yE/dGw/fX7UyHKzrxPAVt5\nBE9PaW7a8UUtp+i/oi6aqibw2JBMxeGgNse+owFVCMDYTKc65QKCAQEA+RUcVBEp\nhFdnqCf9Zzc8mWwVpOGh9dIqXS7fJ7wUpFSKieaiBEdZNi8771jn3OGzyMgpB66D\nuY/GCm7wL0RAeek3CjaxAPazgbj5tlt4b7NeiDY7diIcOM3nZR5z2yb2eAPR1f2Q\nW/luLdD2m5FZQxV0kiDXZrmbjv7bE8Pn9uGn4tRdQTL0+2kTSywbEs2r6IZefePL\nIbuzx2SQTe6cA/Zhgg3hfS+5ZJbmUQvqLWc+NMr4WdUXQ4TYXjV7fZyc8YaQ9cZj\nIzD5sPtA7Y96fVUx4oRJGhdCqcqxqFJSGz5QzrIDBqT4lzLFh4Xr9KWUe88XfICM\nvY7rKtTUogKfAQKCAQAfKpAs/iFtl3GEG8QJQybYIghXpE5BedjUnIqZaUFtKU3o\nqCK5T8//2HeIbRqWbShocHEo8p157jK3LppDsIWPWVgTeLhpsKT9a1l58Q/ChNVm\nPky11dGlSPI6Rpjw+koVPtATIBNOowOozn66YK9RzIE0KvZWT/tyuca7PK8xs72/\nLegMI6Q/D9RfjLhiMFCf8q3f0nEUVaeyqCZFyoiYJO7Dog9Uy5DHAudUQ/v1PfsF\noMBk8ObCFuKs24oDfD7WMyPEm6m1qSZEA4Ozo0pK9R6jFresjRWWlbzdAIgs0JsM\nzp9sF5bYO5MNbObjilg/tmccpSIcmvnvsgXm+GvdAoIBAQCEPz0nNWWBqpaSpYjZ\ngG5gVw622EWRquBrUTOSeT3MckaMKTPkaa1oI3QDBIU2tW8rL3r5ZSLzJu7TI0vL\nDMXe9IAQoDEifdmZCokq1S4AwI90arbvZfTuBATTn3OL7Af4eK60m0hGTQy+rrAA\nsQ9fmsilvWIgXHPHXHEc8Wr7nZvxxycsMs33njZsNyK4vRKFBrKszIFRi8NMHoyv\nk/yp7eqfjpcmTGx2h9gJN/ZB3QseJJXvvD/5zVLD0kmay8hYREY69/Yy/RHVcdFr\nUD6MxOsThYD6pVbzp3bkE7EcXd2xoLoSkQyb2o0eA3DgF/naMn4Z0HbpPjSGLTIo\nQpQBAoIBAF8VekmSHpdQ83n5e+qh11niQqAMgUGTx+ysZLJpBOd7mCXF2x1CTj5X\n1G1QKK35H5Pfk12n7qQ+Kokqxs4l1oD31EIkpWbKVW4KUkWIaA5QAWSwjfKb+WyP\npHyCA0O+67JBqSeJa5+VIVaxtpXCDKc6L3Vp+dkx0zzcb0jFTcyIQWGea3JtB29Z\nvsOs4wVJtWTr0yiwhOS0rq/jnhjEcdfUWqvkt6nZ5djGIi7WP6biT3DTriV+1TSP\nlD5H04K2KGKYeYJeQoeGicOKBU77fmth/IlceEv3HiIrNaP1/xHZSGjdCbhPi8q8\nK/noZDwAYuMSlWygyJgv+nGkI4P1BV4=\n-----END PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:42+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:cert": {}, + "f:key": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:42+00:00" + } + ], + "name": "test-cluster-ca-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1356", + "self_link": null, + "uid": "092210cd-012b-4880-8be0-31892909c652" + }, + "string_data": null, + "type": "Opaque" + }, + "test-cluster-keystore": { + "api_version": null, + "data": { + "node-keystore.jks": "/u3+7QAAAAIAAAACAAAAAQAhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjAAABjeborQAAAAmHMIIJgzAOBgorBgEEASoCEQEBBQAEgglv9f5XKDWJsPMHaGZN9azx/zCVpVkEHO1IR+xJaay0NjuPlDn3Ffjy7zqOyTV/s+xIFNJJKokZPeJl4QGfxG1Odb8CCgVFnO9Msugy3DbrIDaIAmH0d4Sl9MyTxuGJxLX0ZhCqlBwwYjHIG3W1r+sQ1nz1nyjErTwmmbkF5Mgnqqt4YE9Zvyn2eTakG1FNXX+8M3c8wZyzrgKModYK+n5DPu70UkM9OSzWCA6tFige34NGkbCKm04Adjix6OP6xkAzG+KOrF7Pd7dVRUsdaRbEXsgq1sjzI0DCqo2RnTQc0O3FuzoP1rxywO2wSS8UYs/bX7CZXivnaoIVmPDuzzboiGUgpIiTMjOyzGDWkecIc7XU+aDJWEsKh2Ws98qflPMkU5DxQmtG1SQAjmNsz2irBJSnjOQf/4iEu/QA0GjL/4CAKukX2U8GbbAxYjVW0n/aH6fLHLWkmViqVFjkOX7wBV3bU7CU1cSBGz8Vqo27lgBQpHgKURnvxV9wIYHdLOD6ZOPAIfEErQpqkHApQSt1RhtQV/eI4BXig+z2B+XAY/re41wrwEkgAxklFg/5pK2T9ZnIxxB9py9kaBbg+WSc7acVuFAhI7IdTXNb4kVxNdEV0rxwCP1zZOZn3dClq1MtwiZB9/t+oAGfT5K2kxpRPTAck8NRKxQvsNgFrIqjLe6zJgTWKGUWe9Y1PWvBz5P6+gCv76SGUg7cm85HmhLJBIpElORGIK5O7GcrCqseZDqi/SsoW/e2m3+VWQRjPPexslcVnRVkIN+djPp22UVyAh1ebd1YlgioIVMkvCyuYKgQlV48VvfkPhY/iNtfy8+dH0mwVT1eHw6C6Dt89Cp5XOYNesBcAqOdIZmPNfWZyQa2BwnT8TjQeV6ojxx5WB2fMMruXDLTB0a9vTH5Wd041dJNm64KbtJCGsa9zsm6zePvvU0/K6FxBYAqTGAlzzju5M3oUh0MPgcAKptRbAlPl3C2b3yS5ydnfFX6UKu78ph46XP9MiGw6Rti+YOK5QQOTPzcPvaLsu27LMdYR9nO9epZDHoD1HfLNci3TVBQY/1AbyCArpAz6lgvCPZ9o+JuI890X/mH4LDRO2+1DwTaPb/QcaV9bng9Lw0pcdnbUezIR/xFIW+58tmg+gqe8EaplRa7yaGVitDhTQF2Kq2wl9dqTVzgDGqNcuBCpT6BAAQKv9jeMb3KCqXFwzGPJLCzsN26vz/R5GnSIADSsnxWf1egqr1wKdSG9BnFkoIuC55PvEMVrUKKpVbT0Jmk8/8F3umhSUGh/MNtUN4eqClm8VhZovXpj+bRvY4RQ+NtVStA7HhdO7Tj7lDY9pVlKKnRkEok2h/2r1WE0H/aSFxzU2v4xyy3hEDGMXga9CTIxTGHDEUwDC3SEHzCIYIyL3zur5dFM5W2RYAggNwWyXIn7z6ux0M72tpkdCLNCBH86qE1fnAoqRaj/ZWl54WU9qQqEcKeZjy8yF4CSdtSuVOdvYI/AU8py2lRYUDUl+hSemPUTpv2SYRhqGxCw39Db8mUoLZjKs2/wANf/uV5JWj7hif9T8w1AwxHUXTgu+IurmmWCuqBkEXiuekpNpNi/SMxhmyE/0OOXAGGViKa8ionEPek1GFXGSTnEg28IMakDxn1sw0b7pbMBazq2MGI3z8GbUvTmKA+qAK7dSjCIN/UyEBVt88FJOGZFngAEHJtf/YgYgN2OiMqwvrEpR6vjOAAwrdpgSl2rR2UOSG6XA7204qr8lM6oabNUC1Dj9OtrCjHtE4RFwlb+aOK8XHkxDKievVBI453h8tjcAiEQpm4qVFP9WyiHvpJ+Z4QTp9GfQP6etYC2b0u/UtUgrhTWgceAk9SrfYdNaOxLdHCKKXernC42MZar6fLNa2Dicm9x4ElI1p44x/pgrgQsvz0IbtpHgradj/D+e+3awJnYVRYnayH5JkWlow9gi3/hUEq5Eat577z5PlFrEEwq2CMPNNzzV2bsfJjBs/7oHsv7VEZYF+OJ97mEMDftgfGts1gkeG4HyA4dAmA8sxIsfT2ukLtGLvqUtafQSRqHwOWPfVznU7ddi9ApbIty9VjJ/NUKicr01M7E5Ba8CXcKixrwRDjR+cvn3fzcFtAewIjK1z60LLD47q+2gBNtz78O2gi/oqKJOtw3mGWSsFLAOmGgzDf9EO32atVQZw1uNceC2+beP9CsI/26bxH0/U3zxXLuYrdDGxEwSgRY+CWRAMyz7czva2QVMUXfVq1gTEz0ZauZfdaGEizDexoFM+sXH52ZGjXeI+jhQGIjPtdJ5cTCgzcOpwjoHDFXxHzVH5QBk3TJOnB6B1X7PtcrmgexOq0IL7g7qQ5zZlgpwc9Dm6Rbe0Iqo+N6XN8QR78qdrht5/PJs94RzwjuHyHYBbzFASBogR52Cemg+/NkHfb3Ct63roTJyzjdzT+Tk6jQXXSdvvffVcAnOTDkTC1v/TaHTrbT10P5frX0n9UZ9XFbdfQG6ad64px8DbLKs9b4utbvyB3CrE5UGrEyFIWc2FnN+OqAMj2f5RkxEoelwRlIKZZDDFIUbLnz4RZ6feZ5VW9Of/YddGOH4KkMiELY4Ufw5xl//7v53MoKB4NU/LVCxF+m7CdKCsNEYZ3hGzrlpeh54EB1VkiG2Y5t6gy2UCcGCWJSbdi9/sHsWkANt3yPpz0J4FIUtnF17xFWMYSt528Xn6bIpQaIEmLZzM+6c7QaOzISMWKmtosuUdH0xK5F3T/4EoHVZnDEOnsHc0qvY0gfyxkxPq0TWFM2dGDzbk6EZwXLV0wiYa+sZO4JYvRPpzrjER7W4xgPgrGbJHXml9EsbXTXILV8A2ywtoOFDt9Fws8deZrQWuNwhMcp70/Uh1RMhZIyIuJ9WJZV80YSzdr2K8C7pVDPfimhTZ9fMgstMe/vQanfMIDgFA332j4X3XUuCRq/hAJ9+mzyt+RqVt+BKlhsbUmKkc34FZNGy8nAN7dLawLdJ/yFPavH6NKWuAO9GajgavBlFyRIlICDwf5zhKOKqDXLjzS+1lDRktwWQHWLQ3P5NuO9U4uLTvFu9z4PvKwqmoXc95BGHc5c8NgkQsb4EMv7T9Ln+fd2ztI6s+/VAlGbvlk9i9KQjjKJtDCMX90AFOQ9f3HlltDj6ATn3wKipwTu2APB77oZYG7SuZtEkhpTBT+ORJXktkrnZrIUMptVWsI7z+ipZa7ko4ASoRNAAAAAgAEWDUwOQAABd0wggXZMIIDwaADAgECAhAMLNdBce6CO4Xx9KDqtCYPMA0GCSqGSIb3DQEBCwUAMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwHhcNMjQwMjI2MTkzMzQyWhcNMjUwMjI1MTkzMzQyWjBgMTIwMAYDVQQKEylDYXNzYW5kcmEgS3ViZXJuZXRlcyBPcGVyYXRvciBCeSBEYXRhc3RheDEqMCgGA1UEAxMhdGVzdC1jbHVzdGVyLmNhc3Mtb3BlcmF0b3IuY2Fzc2RjMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtmr114IYH9WN6qSrBjSIuP3XP2m4vxpLw4Sl7u8bV19BeidSTiWYGa73fqAQ4uYSKfHWHrOdmy0s3C3A8FM1C7O3Z22yHIVlBVeBA2zN0Gl/E7m9+/qsviT5PwolT53MoqfOIQPV7BWsSdBe2QBJQmHsCj6dfPoWWqUab16dkq9mYLzBeANvu01R3YyJrKPk/Sg4s3kPryOcrH2B6si384ZnVCkupDp+S98rOotw5pW9wzpFGX4/Z1X8uq6o0FTVdL+K9y1i+ZroUaYbRDpwTc6lTVUN5CHCjFXuyavBYy1Rb9ugSehhBOCVtZkXNzln6RGVrG9Ae77vfaZlaK2vM4rDSC9oOQ67IYAQBvjuwea5zpR4NloJ29hgStjClHrXqzt6YjKEiC/JJB7E+S+ebqVw+1yEF5XhQ0mPo4prPA5eC7XWmarNTABvDYdid/95CwN263bLSQwjAWe9IM0M7sKg/9M6ibkBR6prc7CkaFSyiKdBKUSivwpCdnmpCdaQNjpgTEKMx28iJKQuK0jZZtfN/FiaVIuCIVU/1sgQpgX5RcG6V/Op0zeduoR+AryXYnAGCVQPYlZJ4hVKGiSvf6kXGtOLOOtsWebGVgjOANpdZqu97Jb8tW9xT5Ao7SiuXoY6oa4nneB9zQoG/YcgGfuuxz+jX6uMjRP1JAifF3sCAwEAAaOBhTCBgjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSooaaZVk47wdd2FUf/qySFww8kpTAsBgNVHREEJTAjgiF0ZXN0LWNsdXN0ZXIuY2Fzcy1vcGVyYXRvci5jYXNzZGMwDQYJKoZIhvcNAQELBQADggIBAF5sL8ARkf7L5VIZY0J4LInw3Ete126ljRPIF7MfuRJfzWyqrzeCNIdMKkW58OzVjJ8dhOFhf8wCZTJbrNmIvnOYo0CJgPq6Ko5Ie9o6BthSx9S8BgoFFO6F89FPOPjAMf9rUMHJef/E5uPC4WaxfTlkxzbbxuyZe2do2RtXkY5MmkQka4hqpptb4uc13ZtDqc9lP9fehB5dSplIyVbTc8JH/CSZnj9E6gSYKQSUgZAWtLPHduB+SDxLJ1Rz6iQiJrrjiy7RXgkRYzyDZGejh9lUh7F+kE9+9k9r8/8tBjbIFo91kZTcm5wxdZhhXQmIiGWaOFacaqJ+TVhR+vwWc/VRVghmzMe0Xp1tmXOqsZE6H7P8sAdpkWou82/nhlPf/nq4VPy2JtR63cmFHM03RlUDviSsdJhN/yINdxXNV8iqfvsVzzuXZ8OHF/1lV61+iMZkz6HAeh07Ojk4zLpOJzOn756BfOjilUVkWx2pDMHsObW/YhW1wckbjyIuBtqqAnSHl68AUjojyhwJoQr2erZtSKSL96T6naDJFJaSjYvxDg748hyLXx2sc1dwU3hXzoqiQyrBedviY6kqZuv4eKxFas0nBvctmiDO/fTV0sB8PXOMryHDdYQgQKnKmECOj/clALF+r48a3i89vLN6VcsC2QHgrPQZauZqi87ArHVkAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kEAAAACAAJjYQAAAY3m6K0AAARYNTA5AAAF+zCCBfcwggPfoAMCAQICEF9fv5nBHzCQQ8kVfLHlFgIwDQYJKoZIhvcNAQELBQAwaTEyMDAGA1UEChMpQ2Fzc2FuZHJhIEt1YmVybmV0ZXMgT3BlcmF0b3IgQnkgRGF0YXN0YXgxMzAxBgNVBAMTKnRlc3QtY2x1c3Rlci1jYS1rZXlzdG9yZS5jYXNzLW9wZXJhdG9yLnN2YzAeFw0yNDAyMjYxOTMzMzBaFw0yNTAyMjUxOTMzMzBaMGkxMjAwBgNVBAoTKUNhc3NhbmRyYSBLdWJlcm5ldGVzIE9wZXJhdG9yIEJ5IERhdGFzdGF4MTMwMQYDVQQDEyp0ZXN0LWNsdXN0ZXItY2Eta2V5c3RvcmUuY2Fzcy1vcGVyYXRvci5zdmMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD48qS/ml/a0OoI6lpHbGLm0fKFZN1XC+K2+MztAbbVNMomtJgfogWMdEo3NmAXk6T+o9id0x25rVPPhYekPRpqdHoCYhJUjcs1WXC2kXgovtj/a2K1oKs/S/EMywdoTgYUN05/4i+H5IlNJT/r3iPx7rZs2F0IXtIFnTLYqea1ZjscLqTed3YbqTgFuHDgdOXARIptt5phtoOSiD2dUKINhcrTli4HFS1+UMkVMJElpjw82hQP3OAR86RdMuAfRn/6Y5FLwGBdrg+uAmS/3cZOfvvQ5R+5Q/A3+SH95Z3urHMZSi3rOG9Wnr4A9siTUhEJxQXczxoeo15h5KWlkGzGPFs23Ptx1lCH2L6vWDEF02ZJ/QPpRfH05znmOYG6ZmMv9GWvXtU/mHT+WdnSPZz4upFnIoiJE/Wzi+P3LxWBWajKKm5qIl1tF+Z7O3Wo3raOt0U/0g6LNBTaqcFcpXLBHrEDN5zwFoD9h+C+XDmLdDgwGPx00OIF/eNks3kvftKbRgnce6cs5+DeuV7WW03/zap9GVsMuWgHto9jwNf11FCe1SOV/VWx+9W5ErZjMAcEpIo5Hi3iMLOB3t+jMJuWUEj6J3eBjEIu0b4cNVYrtI61vkft1c72Galv7nFIWPCv70IeI1o7SAxPK8sTsXtVHqk4StoVUAv+1e6rigV15QIDAQABo4GaMIGXMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSooaaZVk47wdd2FUf/qySFww8kpTBABgNVHREEOTA3gjVjYXNzYW5kcmFkYXRhY2VudGVyLXdlYmhvb2stc2VydmljZS5jYXNzLW9wZXJhdG9yLnN2YzANBgkqhkiG9w0BAQsFAAOCAgEAeZqyQQiVtWMx0n3u4eDh726iVYiHBA34Xc+N/uLUYXktfrei6e/CwE+xMbFc23u3XvqiYEFWhvEcF00tJhpqMK6m9cUbyDOp2LzT+Tbqy+zvfPIMEKWRaycMxn7Z6kLq0wERj0xbSJJuoEiTVx9ha/mpjvAj0075Lx9kbdVTB27JyPPzdEw7CrOKIWGEH1D6fhf4U+hD6UlETDhmtM7GmFeaGZ71Z8Uj5/NBwYVwTQTgNA4e2cKlwogJtS+ucwfByHvXx8U0TBXO3J1Tqpwgw0q37t8kb4+h3Bqo1/PfXvUg5JVukabqb0YSXmVt2vV6B+aDM2HH3UChZk8IRq9/UzAn3U2zRMhkJhLSYqi3oHXQWBrg5tSjsrOHE7mpoaF6PDaEDf6faFcwgalWrL9XxEdNX1/g6Dd5VlFS/V2pas79SmXfMHCQfVSS9nH1oO/wyPGXEpPyJcxHp4JQee/CoOb0woHAjKWG485CRl21g+PWf42dqcadEbSiziFtHHcxE8cCKYi9L33sid0YvCiorGbJAZr5qIP/hksmgnjbBTFPYM4kcV373c3fT9HQvRX0ooJv7kNhR0lmlQEsGeDCoO86M7Ax6wB2T3cH3pZsgeHJ7TmmFCEO2DA7ONWwlPggcDyzXOeGPYAvh23wXoTN2bfF3+AokO/9citKbbYi2kERsiTgKA05ZI/7bOerd7z0t94fLg==" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:44+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + ".": {}, + "f:node-keystore.jks": {} + }, + "f:type": {} + }, + "manager": "manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:44+00:00" + } + ], + "name": "test-cluster-keystore", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1365", + "self_link": null, + "uid": "709ecc89-6979-4106-9453-c2705d2de5f3" + }, + "string_data": null, + "type": "Opaque" + }, + "webhook-server-cert": { + "api_version": null, + "data": { + "ca.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.crt": "-----BEGIN CERTIFICATE-----\nMIIDKzCCAhOgAwIBAgIRAOO104KqbTj3LO7fzPyTnd4wDQYJKoZIhvcNAQELBQAw\nADAeFw0yNDAyMjYxOTMyNDlaFw0yNDA1MjYxOTMyNDlaMAAwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDU6NBYegOBz49CnCtwkfFrsg/xqOLtVvpKgiLT\np7coBseJydpxoepKDaNKqjcl9dzq9ckpRrNFjwqYbOo5qB/z84npvoqEZzdEFRCy\n17+liPLqzW7S6Hpy7Gciq6ytkl/UwZ2MN244alGyN4Jv/2yJ+9X5N7R2f2V2Iyg2\nz9XIjmQxJOoc28KbC9y4TXHNz1Yxpg+d1W+RhIvtSbWm6Fj9brpF854kPjSIsLI5\n11DmLO6aLXcmiiKd+wbuvv2fubus333sqQbKaIeHNPZpCoPfp54lgOcG8eN+sNpf\n9rcgJzND8ZJ0Q75EFSkdLZ71wZLchYxGiRhIEThKaAkJHs8DAgMBAAGjgZ8wgZww\nDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwfAYDVR0RAQH/BHIwcIIvY2Fz\ncy1vcGVyYXRvci13ZWJob29rLXNlcnZpY2UuY2Fzcy1vcGVyYXRvci5zdmOCPWNh\nc3Mtb3BlcmF0b3Itd2ViaG9vay1zZXJ2aWNlLmNhc3Mtb3BlcmF0b3Iuc3ZjLmNs\ndXN0ZXIubG9jYWwwDQYJKoZIhvcNAQELBQADggEBAHfVgQEXhr9+w2lxRydmNqBu\nbOEhAB87lzlO3blIUUpQW6htBUV/Iu/eCysoSF/hTV5iI4hIvCWCwClPZ0FMEi9b\n+u1qqo589DqS0EjJZ617ODY9lidjUXUjTt/mXd9R+IvwkjKEcvQkolPARNzy/EtM\n7gdTZTXghmu58q3kWeebV86lfSivhpqY6RzqZbe/w1S100Uv68tdeEeb31YXf2fU\nUBZ3ddIiKcl7YGMIN/712ujhiKuCh0K7WnSH3Z9yVYW8ce8RLRuMqAywvzY2GYy6\ndTzvQwrosLw3jrObz1Y8E+5FkRGyRwvY3N52Vlr7H8QVrRsAMLcD4H4U0P/kvmQ=\n-----END CERTIFICATE-----\n", + "tls.key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEA1OjQWHoDgc+PQpwrcJHxa7IP8aji7Vb6SoIi06e3KAbHicna\ncaHqSg2jSqo3JfXc6vXJKUazRY8KmGzqOagf8/OJ6b6KhGc3RBUQste/pYjy6s1u\n0uh6cuxnIqusrZJf1MGdjDduOGpRsjeCb/9sifvV+Te0dn9ldiMoNs/VyI5kMSTq\nHNvCmwvcuE1xzc9WMaYPndVvkYSL7Um1puhY/W66RfOeJD40iLCyOddQ5izumi13\nJooinfsG7r79n7m7rN997KkGymiHhzT2aQqD36eeJYDnBvHjfrDaX/a3ICczQ/GS\ndEO+RBUpHS2e9cGS3IWMRokYSBE4SmgJCR7PAwIDAQABAoIBAEW0MwHEcIF/Qpe8\nKTyhiziHA1FKyYCKiUb7dAt3TS99iLZDr5CkQeActukq8QMsizchYMpyqx6Kxh1B\nCy31LQDhKrWr/A18/Ur82oqyt7uqKl1VBINoOS6G1v0y10W8NkOhX8MYIq21oSmH\notyn8xD5sgP1iM+CxeT3faL0SDlwS8ZhgyDeU0YzW8BsXwID8HQHjL/O2U+kst2d\nhdieDLl/6wuoqrq6rw33aSrfE2VWNWculaZ7MMq0DAOkoih4SAhSXjUc0bDXxXS8\nDZC0pGHJXeb62yr420qoq0XJbzLDFA2VOMLd9AEh977MxHSaCTRZA65vY6EicZQA\napYc0wECgYEA4VlZ8AJvA8V6tnz9RpnGzIj/scEDUu0JspM8w614dKvd1bH3ySsA\nbvWVKFfMFZhJ98FvniX2oVLuohYguJYjeO6w3CG8qEmka6PxUBwWVUQXrFcqGvM2\n/MnY8n0Cx6O3MwAtvxLq4hQrtoawmhbPHjc4q8TfiwkLeYBjV/yRftkCgYEA8d5Q\n4H5wtHi1lqDGudOXr1zEI1vSxEXQ6oFfLsyHTyJDJDOIpEDD2/92g45Ujw7GM2TQ\n+cbp5aMwAzQNfxs3YFNX+trT2jxPZHjp5ejlCkJwEUz+Yj9mENqYQ7qdx3ElqKH1\nxDPVDjbnbsK5Tik54Rj1665L/Cd4EDo+viS1SzsCgYAkFWifU+Ru2CpEGlN8AJei\nnLVEw0FDAA2zeHwcYSSOmg6Vbz/cCHSzT8OoiBZ3xsDhWSoEStPpFRx8+8oVhIT9\nkkrjlMterxwS2FeFmlnBIXwg7nwhgJxncfK5MWdGjGKDWh35IJBXzx8IxRx2L/zO\nO81pQ8b/vl0GAZbmudyaUQKBgQCinveB+YGN1htBy5fSGZJDNfwqSfLMRKTTB2kX\n7iyL6F18WanlxiXqJTlp+qigBy78Hyziw/s/ixkdDkKE06fH/EGLSNZoRWScCTA6\nhPx6iXEQMNRY+oeFjXQTFcY/8rN/TmYQJUl65S92KTaudsmTr1SpwecVAvSW9JJ7\nBfNfQQKBgBlQtuzoL63QXunf2MS9+gLbWejrJpD1gtFcx220aYmo4I5iWylQWuIz\nZPUEbqzhO1bSclQUvkMnNDRZas2w1HGbIhbeqhVKAN+vk4xo/kqStdAkLoyByMVv\nGAUehndHgd6d72Sg/PT4prhWAtVrpriQ6i0pP6l6GY7bmX+CO9R6\n-----END RSA PRIVATE KEY-----\n" + }, + "immutable": null, + "kind": null, + "metadata": { + "annotations": { + "cert-manager.io/alt-names": "cass-operator-webhook-service.cass-operator.svc,cass-operator-webhook-service.cass-operator.svc.cluster.local", + "cert-manager.io/certificate-name": "cass-operator-serving-cert", + "cert-manager.io/common-name": "", + "cert-manager.io/ip-sans": "", + "cert-manager.io/issuer-group": "", + "cert-manager.io/issuer-kind": "Issuer", + "cert-manager.io/issuer-name": "cass-operator-selfsigned-issuer", + "cert-manager.io/uri-sans": "" + }, + "creation_timestamp": "2024-02-26T19:32:49+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:data": { + "f:ca.crt": {}, + "f:tls.crt": {}, + "f:tls.key": {} + }, + "f:metadata": { + "f:annotations": { + "f:cert-manager.io/alt-names": {}, + "f:cert-manager.io/certificate-name": {}, + "f:cert-manager.io/common-name": {}, + "f:cert-manager.io/ip-sans": {}, + "f:cert-manager.io/issuer-group": {}, + "f:cert-manager.io/issuer-kind": {}, + "f:cert-manager.io/issuer-name": {}, + "f:cert-manager.io/uri-sans": {} + } + }, + "f:type": {} + }, + "manager": "controller", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:49+00:00" + } + ], + "name": "webhook-server-cert", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1001", + "self_link": null, + "uid": "095a3203-e6c8-49d3-bfc0-05dfd4d04e3c" + }, + "string_data": null, + "type": "kubernetes.io/tls" + } + }, + "endpoints": { + "cass-operator-webhook-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:33:09+00:00" + } + ], + "name": "cass-operator-webhook-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1121", + "self_link": null, + "uid": "e405ae61-fa76-478c-9ccf-bf8396a4c870" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.3.3", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cass-operator-controller-manager-7f9b66678b-z6j64", + "namespace": "cass-operator", + "resource_version": "1110", + "uid": "cb769fc5-2138-4ed6-a67a-6809b9982242" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": null, + "port": 9443, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-seed-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "ACTOKEY": "ACTOKEY", + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:ACTOKEY": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:37:15+00:00" + } + ], + "name": "cluster1-seed-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "2205", + "self_link": null, + "uid": "7cc8c8ac-fd3e-4931-a465-36e3fd454685" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1976", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": null + } + ] + }, + "cluster1-test-cluster-all-pods-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "cassandra.datastax.com/prom-metrics": "true", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:cassandra.datastax.com/prom-metrics": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-all-pods-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1968", + "self_link": null, + "uid": "187bdfe8-5ecd-47db-a200-44d84b6ba723" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": "cluster1-test-cluster-default-sts-0", + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-1", + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": "cluster1-test-cluster-default-sts-2", + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + } + ] + } + ] + }, + "cluster1-test-cluster-service": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": { + "endpoints.kubernetes.io/last-change-trigger-time": "2024-02-26T19:36:14Z" + }, + "creation_timestamp": "2024-02-26T19:33:30+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": { + "app.kubernetes.io/instance": "cassandra-cluster1", + "app.kubernetes.io/managed-by": "cass-operator", + "app.kubernetes.io/name": "cassandra", + "app.kubernetes.io/version": "3.11.7", + "cassandra.datastax.com/cluster": "cluster1", + "cassandra.datastax.com/datacenter": "test-cluster", + "service.kubernetes.io/headless": "" + }, + "managed_fields": [ + { + "api_version": "v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:metadata": { + "f:annotations": { + ".": {}, + "f:endpoints.kubernetes.io/last-change-trigger-time": {} + }, + "f:labels": { + ".": {}, + "f:app.kubernetes.io/instance": {}, + "f:app.kubernetes.io/managed-by": {}, + "f:app.kubernetes.io/name": {}, + "f:app.kubernetes.io/version": {}, + "f:cassandra.datastax.com/cluster": {}, + "f:cassandra.datastax.com/datacenter": {}, + "f:service.kubernetes.io/headless": {} + } + }, + "f:subsets": {} + }, + "manager": "kube-controller-manager", + "operation": "Update", + "subresource": null, + "time": "2024-02-26T19:34:23+00:00" + } + ], + "name": "cluster1-test-cluster-service", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "1966", + "self_link": null, + "uid": "279f15dd-d046-4501-a5a5-365b12a8c9a8" + }, + "subsets": [ + { + "addresses": [ + { + "hostname": null, + "ip": "10.244.1.4", + "node_name": "acto-0-cluster-0-worker2", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-0", + "namespace": "cass-operator", + "resource_version": "1581", + "uid": "e5322c75-6c05-4e97-90b8-c11bb1c04973" + } + }, + { + "hostname": null, + "ip": "10.244.2.5", + "node_name": "acto-0-cluster-0-worker", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-1", + "namespace": "cass-operator", + "resource_version": "1965", + "uid": "142b87e9-242a-4cad-aa89-7164a010c1b0" + } + }, + { + "hostname": null, + "ip": "10.244.3.5", + "node_name": "acto-0-cluster-0-worker3", + "target_ref": { + "api_version": null, + "field_path": null, + "kind": "Pod", + "name": "cluster1-test-cluster-default-sts-2", + "namespace": "cass-operator", + "resource_version": "1793", + "uid": "939bdbbf-0ce4-4888-b71e-12983ba5c9aa" + } + } + ], + "not_ready_addresses": null, + "ports": [ + { + "app_protocol": null, + "name": "tls-native", + "port": 9142, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "native", + "port": 9042, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "mgmt-api", + "port": 8080, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "prometheus", + "port": 9103, + "protocol": "TCP" + }, + { + "app_protocol": null, + "name": "thrift", + "port": 9160, + "protocol": "TCP" + } + ] + } + ] + } + }, + "service_account": { + "cass-operator-controller-manager": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "cass-operator-controller-manager", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "956", + "self_link": null, + "uid": "5628ec65-235f-4db8-9828-ab8049e0af92" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "cass-operator-controller-manager-token-78j4l", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + }, + "default": { + "api_version": null, + "automount_service_account_token": null, + "image_pull_secrets": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:27+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": null, + "name": "default", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "738", + "self_link": null, + "uid": "b3fde095-7847-4277-9d68-1b6c28fa3d71" + }, + "secrets": [ + { + "api_version": null, + "field_path": null, + "kind": null, + "name": "default-token-85zgl", + "namespace": null, + "resource_version": null, + "uid": null + } + ] + } + }, + "job": {}, + "role": { + "cass-operator-leader-election-role": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:rules": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-role", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "952", + "self_link": null, + "uid": "8885366c-484d-40df-8586-c27476d9a5f3" + }, + "rules": [ + { + "api_groups": [ + "", + "coordination.k8s.io" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "configmaps", + "leases" + ], + "verbs": [ + "get", + "list", + "watch", + "create", + "update", + "patch", + "delete" + ] + }, + { + "api_groups": [ + "" + ], + "non_resource_ur_ls": null, + "resource_names": null, + "resources": [ + "events" + ], + "verbs": [ + "create", + "patch" + ] + } + ] + } + }, + "role_binding": { + "cass-operator-leader-election-rolebinding": { + "api_version": null, + "kind": null, + "metadata": { + "annotations": null, + "creation_timestamp": "2024-02-26T19:32:48+00:00", + "deletion_grace_period_seconds": null, + "deletion_timestamp": null, + "finalizers": null, + "generate_name": null, + "generation": null, + "labels": null, + "managed_fields": [ + { + "api_version": "rbac.authorization.k8s.io/v1", + "fields_type": "FieldsV1", + "fields_v1": { + "f:roleRef": {}, + "f:subjects": {} + }, + "manager": "kubectl", + "operation": "Apply", + "subresource": null, + "time": "2024-02-26T19:32:48+00:00" + } + ], + "name": "cass-operator-leader-election-rolebinding", + "namespace": "cass-operator", + "owner_references": null, + "resource_version": "957", + "self_link": null, + "uid": "86e9c8c8-1f9e-4033-897c-e2133a6aee61" + }, + "role_ref": { + "api_group": "rbac.authorization.k8s.io", + "kind": "Role", + "name": "cass-operator-leader-election-role" + }, + "subjects": [ + { + "api_group": null, + "kind": "ServiceAccount", + "name": "cass-operator-controller-manager", + "namespace": "cass-operator" + } + ] + } + }, + "custom_resource_spec": { + "additionalServiceConfig": { + "additionalSeedService": {}, + "allpodsService": {}, + "dcService": {}, + "nodePortService": {}, + "seedService": { + "additionalLabels": {} + } + }, + "clusterName": "cluster1", + "config": { + "cassandra-yaml": { + "authenticator": "org.apache.cassandra.auth.PasswordAuthenticator", + "authorizer": "org.apache.cassandra.auth.CassandraAuthorizer", + "role_manager": "org.apache.cassandra.auth.CassandraRoleManager" + }, + "jvm-options": { + "initial_heap_size": "800M", + "max_heap_size": "800M" + } + }, + "configBuilderResources": {}, + "managementApiAuth": { + "insecure": {} + }, + "resources": {}, + "serverType": "cassandra", + "serverVersion": "3.11.7", + "size": 3, + "storageConfig": { + "cassandraDataVolumeClaimSpec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "3Gi" + } + }, + "storageClassName": "server-storage" + } + }, + "systemLoggerResources": {} + }, + "custom_resource_status": { + "cassandraOperatorProgress": "Ready", + "conditions": [ + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Stopped" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ReplacingNodes" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Updating" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "RollingRestart" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "Resuming" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "False", + "type": "ScalingDown" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Valid" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Initialized" + }, + { + "lastTransitionTime": "2024-02-26T19:36:14Z", + "message": "", + "reason": "", + "status": "True", + "type": "Ready" + } + ], + "lastServerNodeStarted": "2024-02-26T19:35:24Z", + "nodeStatuses": { + "cluster1-test-cluster-default-sts-0": { + "hostID": "0279ff8f-464f-44ab-87ec-5e61a4ebab0e" + }, + "cluster1-test-cluster-default-sts-1": { + "hostID": "767e4881-4f9f-4375-a503-8f1496778265" + }, + "cluster1-test-cluster-default-sts-2": { + "hostID": "6488f37a-d640-490b-b66a-3afa7d021101" + } + }, + "observedGeneration": 2, + "quietPeriod": "2024-02-26T19:38:22Z", + "superUserUpserted": "2024-02-26T19:38:17Z", + "usersUpserted": "2024-02-26T19:38:17Z" + } +} diff --git a/docs/port.md b/docs/port.md index b78e6d296e..413451e0e4 100644 --- a/docs/port.md +++ b/docs/port.md @@ -967,3 +967,106 @@ options: ## FAQ Please refer to [FAQ](./FAQ.md) for frequently asked questions. +### Example of A True Alarm + +Let’s take a look at one example how we analyzed one alarm produced by Acto and found the https://github.com/k8ssandra/cass-operator/issues/330 + +You can find the trial which produced the result [here](alarm_examples/true_alarm/), and the alarm is raise inside [this file](alarm_examples/true_alarm/generation-002-runtime.json) + +Inside the [generation-002-runtime.json](alarm_examples/true_alarm/generation-002-runtime.json), you can find the following the alarm: + +```json +"consistency": { + "message": "Found no matching fields for input", + "input_diff": { + "prev": "ACTOKEY", + "curr": "NotPresent", + "path": { + "path": [ + "spec", + "additionalServiceConfig", + "seedService", + "additionalLabels", + "ACTOKEY" + ] + } + }, + "system_state_diff": null +}, +``` + +This shows that the alarm is raised by Acto’s consistency oracle. In the alarm description, you can see three fields: `message`, `input_diff`, and `system_state_diff`. In the `input_diff`, it shows the following information: + +- In this step, Acto changed the property of path `spec.additionalServiceConfig.seedService.additionalLabels.ACTOKEY` from `ACTOKEY` to `NotPresent`. This basically means that Acto deleted the `spec.additionalServiceConfig.seedService.additionalLabels.ACTOKEY` from the CR. +- Acto checked through the system state change, and could not find a matching change. + +To look deeper into this alarm, we can check the [delta-002.log](alarm_examples/true_alarm/delta-002.log) file. The `delta-002.log` file contains two sections: `INPUT DELTA` and `SYSTEM DELTA`. In the `INPUT DELTA`, you can see the diff from the `mutated-001.yaml` to `mutated-002.yaml`. In the `SYSTEM DELTA`, you can see the diff from `system-state-001.json` to `system-state-002.json`. You can also view the `mutated-*.yaml` and `system-state-*.json` files directly to see the full CR or full states. + +These files tell us the behavior of the operator when reacting to the CR transition. Next, we need to understand why the operator behaves in this way. We need to look into the operator source code to understand the behavior. + +The operator codebase may be large, so we need to pinpoint the subset of the operator source code which is related to the `spec.additionalServiceConfig.seedService.additionalLabels.ACTOKEY` property. + +We first need to find the places in the source code which reference the property. + +- We can find the type definition for the property at [https://github.com/k8ssandra/cass-operator/blob/9d320dd1960706adb092541a2dc30f186a76338e/apis/cassandra/v1beta1/cassandradatacenter_types.go#L342.](https://github.com/k8ssandra/cass-operator/blob/53c637c22f0d5f1e2f4c09156591a47f7919e0b5/apis/cassandra/v1beta1/cassandradatacenter_types.go#L299) +- Then we trace through the code to find the uses of this field, and eventually we arrive at this line: [https://github.com/k8ssandra/cass-operator/blob/9d320dd1960706adb092541a2dc30f186a76338e/pkg/reconciliation/construct_service.go#L91.](https://github.com/k8ssandra/cass-operator/blob/53c637c22f0d5f1e2f4c09156591a47f7919e0b5/pkg/reconciliation/construct_service.go#L90) +- Tracing backward to see how the returned values are used, we arrive at this line: https://github.com/k8ssandra/cass-operator/blob/53c637c22f0d5f1e2f4c09156591a47f7919e0b5/pkg/reconciliation/reconcile_services.go#L59. +- We can see that the operator always merge the existing annotations with the annotations specified in the CR. This “merge” behavior causes the old annotations to be never deleted: https://github.com/k8ssandra/cass-operator/blob/53c637c22f0d5f1e2f4c09156591a47f7919e0b5/pkg/reconciliation/reconcile_services.go#L104. + +### Example of Misoperation + +Let’s take a look at one example of an alarm caused by a misoperation vulnerability in the tidb-operator. A misoperation vulnerability means that the operator failed to reject an erroneous desired state, and caused the system to be in an error state. + +You can look at the example alarm [here](alarm_examples/misoperation/) + +Inside the [alarm file](alarm_examples/misoperation/generation-001-runtime.json), you can find the following alarm message: + +```json +"health": { + "message": "statefulset: test-cluster-tidb replicas [3] ready_replicas [2]" +}, +``` + +This shows the alarm is raised by the health oracle, which checks if the Kubernetes resources have desired number of replicas. In this alarm, Acto found that the StatefulSet object named `test-cluster-tidb` only has two ready replicas, whereas the desired number of replicas is three. + +To find out what happened, we can take a look at the [delta-001.log](alarm_examples/misoperation/delta-001.log) . It tells us that from the previous step, Acto added an Affinity rule to the tidb’s CR. And in the system state, the tidb-2 pod is recreated with the Affinity rule. + +Next, we need to figure out why the tidb-2 pod is recreated, but cannot be scheduled. After taking a look at the [events-001.json](alarm_examples/misoperation/events-001.json) file, we can find an error event issued by the `Pod` with the message: `"0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) didn't match Pod's node affinity/selector. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling.."` indicating that the new Pod cannot be properly scheduled to nodes. + +The root cause is because the desired Affinity specified in the TiDB CR cannot be satisfied in the current cluster state. The tidb-operator fails to reject the erroneous desired state, updates the TiDB cluster with the unsatisfiable Affinity rule, causing the cluster to lose one replica. + +### Example of False Alarm + +Acto’s oracles are not sound, meaning that Acto may report an alarm, but the operator’s behavior is correct. [Here](alarm_examples/false_alarm/) is an example of false alarms produced by Acto. + +Looking at the [generation-002-runtime.json](alarm_examples/false_alarm/generation-002-runtime.json), you can find the following error message from the consistency oracle: + +```json +"oracle_result": { + "crash": null, + "health": null, + "operator_log": null, + "consistency": { + "message": "Found no matching fields for input", + "input_diff": { + "prev": "1Gi", + "curr": "2Gi", + "path": { + "path": [ + "spec", + "ephemeral", + "emptydirvolumesource", + "sizeLimit" + ] + } + }, + "system_state_diff": null + }, + "differential": null, + "custom": null +}, +``` + +This indicates that Acto expects a corresponding system state change for the input delta of path `spec.ephemeral.emptydirvolumesource.sizeLimit`. To understand the operator’s behavior, we trace through the operator source. We can see that the property has a control-flow dependency on another property: https://github.com/pravega/zookeeper-operator/blob/9fc6151757018cd99acd7b73c24870dce24ba3d5/pkg/zk/generators.go#L48C1-L52C54. And in the CR generated by Acto, the property `spec.storageType` is set to `persistent` instead of `ephemeral`. + +This alarm is thus a false alarm. The operator’s behavior is correct. It did not update the system state because the storageType is not set to `ephemeral`. Acto raised this alarm because it fails to recognize the control-flow dependency among the properties `spec.ephemeral.emptydirvolumesource.sizeLimit` and `spec.storageType`. From 3074b9894f78cd90cbfcac3348e2e5b38227e11c Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Tue, 27 Feb 2024 13:55:24 -0600 Subject: [PATCH 09/38] Automatically computing the regex for indeterministic properties (#323) * Automate figuring out the indeterministic properties regex Signed-off-by: Tyler Gu * Check seed CR as a sanity check Signed-off-by: Tyler Gu * Fix CR loading Signed-off-by: Tyler Gu * Log additional exclude regex later Signed-off-by: Tyler Gu * Fix diff level Signed-off-by: Tyler Gu * Fix regex escape Signed-off-by: Tyler Gu * Handle all diff categories Signed-off-by: Tyler Gu * Parallelize initial pass Signed-off-by: Tyler Gu * Fix multiprocessing pool map Signed-off-by: Tyler Gu --------- Signed-off-by: Tyler Gu --- acto/input/input.py | 5 + acto/post_process/post_diff_test.py | 209 +++++++++++++++++++++-- acto/post_process/post_diff_test_test.py | 105 ++++++++++++ acto/post_process/post_process.py | 150 +--------------- acto/reproduce.py | 74 +++++++- 5 files changed, 373 insertions(+), 170 deletions(-) create mode 100644 acto/post_process/post_diff_test_test.py diff --git a/acto/input/input.py b/acto/input/input.py index 3f2b406ae5..920c0c46b3 100644 --- a/acto/input/input.py +++ b/acto/input/input.py @@ -251,6 +251,11 @@ def __init__( ) ) + for base_schema, k8s_schema_name in self.full_matched_schemas: + base_schema.attributes |= ( + property_attribute.PropertyAttribute.Mapped + ) + # Apply custom property attributes based on the property_attribute module self.apply_custom_field() diff --git a/acto/post_process/post_diff_test.py b/acto/post_process/post_diff_test.py index eef5e43530..6929ba686c 100644 --- a/acto/post_process/post_diff_test.py +++ b/acto/post_process/post_diff_test.py @@ -1,6 +1,8 @@ import argparse +import difflib import glob import hashlib +import itertools import json import logging import multiprocessing @@ -13,10 +15,11 @@ import threading import time from copy import deepcopy -from typing import Dict, List, Optional +from typing import Optional import pandas as pd import pydantic +import yaml from deepdiff import DeepDiff from deepdiff.helper import CannotCompare from deepdiff.model import DiffLevel, TreeResult @@ -33,22 +36,21 @@ from acto.serialization import ActoEncoder from acto.snapshot import Snapshot from acto.trial import Step -from acto.utils import add_acto_label, get_thread_logger -from acto.utils.error_handler import handle_excepthook, thread_excepthook +from acto.utils import add_acto_label, error_handler, get_thread_logger class DiffTestResult(pydantic.BaseModel): """The result of a diff test It contains the input digest, the snapshot, the original trial and generation, and the time spent on each step - The oracle result is separated from this dataclass, so that it can easily recomputed - after changing the oracle + The oracle result is separated from this dataclass, + so that it can easily recomputed after changing the oracle """ input_digest: str snapshot: Snapshot - originals: list[Dict] - time: Dict + originals: list[dict] + time: dict @classmethod def from_file(cls, file_path: str) -> "DiffTestResult": @@ -332,7 +334,7 @@ class AdditionalRunner: def __init__( self, - context: Dict, + context: dict, deploy: Deploy, workdir: str, cluster: base.KubernetesEngine, @@ -403,7 +405,7 @@ class DeployRunner: def __init__( self, workqueue: multiprocessing.Queue, - context: Dict, + context: dict, deploy: Deploy, workdir: str, cluster: base.KubernetesEngine, @@ -517,6 +519,80 @@ def run(self): generation += 1 +def compute_common_regex(paths: list[str]) -> list[str]: + """Compute the common regex from the list of paths""" + common_regex: set[str] = set() + sorted_paths = sorted(paths) + curr_regex = None + for i in range(len(sorted_paths)): + if curr_regex is None or not re.match(curr_regex, sorted_paths[i]): + # if we do not have enough items to look ahead, then we give up + if i + 2 >= len(sorted_paths): + common_regex.add("^" + re.escape(sorted_paths[i]) + "$") + continue + + path = sorted_paths[i] + next_path = sorted_paths[i + 1] + next_next_path = sorted_paths[i + 2] + + # if the resource type is different, then we give up to avoid + # a wildcard regex + if ( + path.startswith("root") + and next_path.startswith("root") + and next_next_path.startswith("root") + ): + resource_type = re.findall(r"root\['(.*?)'\]", path)[0] + next_resource_type = re.findall(r"root\['(.*?)'\]", next_path)[ + 0 + ] + next_next_resource_type = re.findall( + r"root\['(.*?)'\]", next_next_path + )[0] + if ( + resource_type != next_resource_type + or next_resource_type != next_next_resource_type + ): + common_regex.add("^" + re.escape(path) + "$") + continue + + # Look ahead to find a regex candidate + # Construct the regex candidate using the difflib + matched_blocks = difflib.SequenceMatcher( + None, + path, + next_path, + ).get_matching_blocks() + regex_candidate = r"" + for block in matched_blocks: + if block.a == 0 and block.b == 0: + regex_candidate += r"^" + elif block.size != 0: + # we may have duplicate wild card here, + # but it is fine because two consequence wild cards is + # equivalent to one wild card + regex_candidate += r".*" + + if block.size <= 3: + # prevent accidental single character match in random string + continue + regex_candidate += re.escape( + path[block.a : block.a + block.size] + ) + regex_candidate += r"$" + + # Check if the regex candidate is valid for the third item + # if matched, then we have a valid regex + # if not, then we give up finding a common regex for the current + # item + if re.match(regex_candidate, next_next_path): + common_regex.add(regex_candidate) + curr_regex = regex_candidate + else: + common_regex.add(path) + return list(common_regex) + + class PostDiffTest(PostProcessor): """Post diff test class for Acto""" @@ -566,9 +642,8 @@ def __init__( ], ) - self.unique_inputs: Dict[ - str, pd.DataFrame - ] = {} # input digest -> group of steps + # input digest -> group of steps + self.unique_inputs: dict[str, pd.DataFrame] = {} groups = self.df.groupby("input_digest") for digest, group in groups: self.unique_inputs[digest] = group @@ -605,7 +680,7 @@ def post_process(self, workdir: str, num_workers: int = 1): for unique_input_group in self.unique_inputs.values(): workqueue.put(unique_input_group) - runners: List[DeployRunner] = [] + runners: list[DeployRunner] = [] for i in range(num_workers): runner = DeployRunner( workqueue, @@ -630,18 +705,44 @@ def post_process(self, workdir: str, num_workers: int = 1): def check(self, workdir: str, num_workers: int = 1): """Check the post process result""" logger = get_thread_logger(with_prefix=True) - logger.info( - "Additional exclude paths: %s", self.config.diff_ignore_fields - ) trial_dirs = glob.glob(os.path.join(workdir, "trial-*")) + with open(self.config.seed_custom_resource, "r", encoding="utf-8") as f: + seed_cr = yaml.load(f, Loader=yaml.FullLoader) + seed_input_digest = hashlib.md5( + json.dumps(seed_cr, sort_keys=True).encode("utf-8") + ).hexdigest() + workqueue: multiprocessing.Queue = multiprocessing.Queue() for trial_dir in trial_dirs: for diff_test_result_path in glob.glob( os.path.join(trial_dir, "difftest-*.json") ): + # 1. Populate the workqueue workqueue.put(diff_test_result_path) + # 2. Find the seed test result and compute the common regex + diff_test_result = DiffTestResult.from_file( + diff_test_result_path + ) + if diff_test_result.input_digest == seed_input_digest: + diff_skip_regex = self.__get_diff_paths( + diff_test_result, num_workers + ) + logger.info( + "Seed input digest: %s, diff_skip_regex: %s", + seed_input_digest, + diff_skip_regex, + ) + if self.config.diff_ignore_fields is None: + self.config.diff_ignore_fields = diff_skip_regex + else: + self.config.diff_ignore_fields.extend(diff_skip_regex) + + logger.info( + "Additional exclude paths: %s", self.config.diff_ignore_fields + ) + processes = [] for i in range(num_workers): p = multiprocessing.Process( @@ -822,6 +923,78 @@ def check_diff_test_step( to_state=diff_test_result.snapshot.system_state, ) + def __get_diff_paths( + self, diff_test_result: DiffTestResult, num_workers: int + ) -> list[str]: + """Get the diff paths from a diff test result + Algorithm: + Iterate on the original trials, in principle they should be the same + If they are not, the diffs should be the indeterministic fields + to be skipped when doing the comparison. + Naively, we can just append all the indeterministic fields and return + them, however, there are cases where the field path itself is not + deterministic (e.g. the name of the secret could be randomly generated) + To handle this randomness in the name, we can use the first two + original trials to compare the system state to get the initial + regex for skipping. + If we do not have random names, the subsequent trials should not + have additional indeterministic fields. + + Then, we keep iterating on the rest of the original results, and + check if we have additional indeterministic fields. If we do, we + collect them and try to figure out the proper regex to skip them. + + Args: + diff_test_result (DiffTestResult): The diff test result + + Returns: + list[str]: The list of diff paths + """ + + indeterministic_regex: set[str] = set() + + args = [] + for original in diff_test_result.originals: + trial = original["trial"] + gen = original["gen"] + trial_basename = os.path.basename(trial) + original_result = self.trial_to_steps[trial_basename].steps[ + str(gen) + ] + args.append([diff_test_result, original_result, self.config]) + + with multiprocessing.Pool(num_workers) as pool: + diff_results = pool.starmap(get_diff_paths_helper, args) + + for diff_item in itertools.chain.from_iterable(diff_results): + indeterministic_regex.add(diff_item) + + # Handle the case where the name is not deterministic + common_regex = compute_common_regex(list(indeterministic_regex)) + + return common_regex + + +def get_diff_paths_helper( + diff_test_result: DiffTestResult, + original_result: Step, + config: OperatorConfig, +) -> list[str]: + """Get the diff paths helper""" + diff_result = PostDiffTest.check_diff_test_step( + diff_test_result, original_result, config + ) + indeterministic_regex = set() + if diff_result is not None: + for diff in diff_result.diff.values(): + if not isinstance(diff, list): + continue + for diff_item in diff: + if not isinstance(diff_item, DiffLevel): + continue + indeterministic_regex.add(diff_item.path()) + return list(indeterministic_regex) + def main(): """Main entry point.""" @@ -834,8 +1007,8 @@ def main(): args = parser.parse_args() # Register custom exception hook - sys.excepthook = handle_excepthook - threading.excepthook = thread_excepthook + sys.excepthook = error_handler.handle_excepthook + threading.excepthook = error_handler.thread_excepthook log_filename = "check.log" if args.checkonly else "test.log" os.makedirs(args.workdir_path, exist_ok=True) diff --git a/acto/post_process/post_diff_test_test.py b/acto/post_process/post_diff_test_test.py new file mode 100644 index 0000000000..0494a611b4 --- /dev/null +++ b/acto/post_process/post_diff_test_test.py @@ -0,0 +1,105 @@ +import unittest + +from acto.post_process.post_diff_test import compute_common_regex + + +class TestPostDiffTest(unittest.TestCase): + """Test PostDiffTest""" + + def test_compute_common_regex_prefix(self): + """Test computing common regex""" + testdata = [ + "root['pod_disruption_budget']['test-cluster-pdb']", + "root['pod_disruption_budget']['test-cluster-pda']", + "root['pod_disruption_budget']['test-cluster-pdc']", + "root['pod_disruption_budget']['test-cluster-pdd']", + ] + self.assertCountEqual( + compute_common_regex(testdata), + ["^root\\['pod_disruption_budget'\\]\\['test\\-cluster\\-pd.*$"], + ) + + def test_compute_common_regex_suffix(self): + """Test computing common regex""" + testdata = [ + "root['pod_disruption_budget']['test-cluster-pda']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdb']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdc']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdd']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['name']", + ] + self.assertCountEqual( + compute_common_regex(testdata), + [ + "^root\\['pod_disruption_budget'\\]" + "\\['test\\-cluster\\-pd.*'\\]\\['metadata'\\]\\['name'\\]$" + ], + ) + + def test_compute_common_regex_different_resources(self): + """Test computing common regex""" + testdata = [ + "root['secret']['my-secret']", + "root['pod_disruption_budget']['test-cluster-pdb']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdc']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdd']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + ] + self.assertCountEqual( + compute_common_regex(testdata), + [ + "^root\\['pod_disruption_budget'\\]" + "\\['test\\-cluster\\-pde'\\]\\['metadata'\\]\\['namespace'\\]$", + "^root\\['secret'\\]\\['my\\-secret'\\]$", + "^root\\['pod_disruption_budget'\\]" + "\\['test\\-cluster\\-pd.*'\\]\\['metadata'\\]\\['name'\\]$", + ], + ) + + def test_compute_common_regex_secret(self): + """Test computing common regex""" + testdata = [ + "root['secret']['my-secret-vczvds']", + "root['secret']['my-secret-adsfas']", + "root['secret']['my-secret-sfdsdf']", + ] + self.assertCountEqual( + compute_common_regex(testdata), + ["^root\\['secret'\\]\\['my\\-secret\\-.*.*.*$"], + ) + + def test_compute_common_regex_complex(self): + """Test computing common regex""" + testdata = [ + "root['secret']['my-secret-vczvds']", + "root['secret']['my-secret-adsfas']", + "root['secret']['my-secret-bbbdfs']", + "root['pod_disruption_budget']['test-cluster-pdb']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdc']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pdd']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['name']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + "root['pod_disruption_budget']['test-cluster-pde']['metadata']['namespace']", + ] + self.assertCountEqual( + compute_common_regex(testdata), + [ + "^root\\['secret'\\]\\['my\\-secret\\-.*.*.*$", + "^root\\['pod_disruption_budget'\\]" + "\\['test\\-cluster\\-pd.*'\\]\\['metadata'\\]\\['name'\\]$", + "^root\\['pod_disruption_budget'\\]" + "\\['test\\-cluster\\-pde'\\]\\['metadata'\\]\\['namespace'\\]$", + ], + ) + + +if __name__ == "__main__": + unittest.main() diff --git a/acto/post_process/post_process.py b/acto/post_process/post_process.py index df6daa92db..81eb4de334 100644 --- a/acto/post_process/post_process.py +++ b/acto/post_process/post_process.py @@ -1,4 +1,5 @@ """Post process the testrun results""" + import glob import json import os @@ -7,150 +8,6 @@ from acto.lib.operator_config import OperatorConfig from acto.trial import Trial -# class Step: -# """A step in a trial - -# Attributes: -# input (Dict): input to the operator -# operator_log (str): operator log -# system_state (Dict): system state -# cli_output (str): cli output -# runtime_result (Dict): runtime result -# """ - -# def __init__( -# self, -# trial_dir: str, -# gen: int, -# input_cr: Dict, -# operator_log: list[str], -# system_state: Dict, -# cli_output: str, -# runtime_result: Dict, -# ): -# self._trial_dir = trial_dir -# self._gen = gen -# self._input = input_cr -# self._input_digest = hashlib.md5( -# json.dumps(input_cr, sort_keys=True).encode("utf-8") -# ).hexdigest() -# self._operator_log = operator_log -# self._system_state = system_state -# self._cli_output = cli_output -# self._runtime_result = RunResult(**runtime_result) - -# @property -# def trial_dir(self) -> str: -# """Return trial directory""" -# return self._trial_dir - -# @property -# def gen(self) -> int: -# """Return generation""" -# return self._gen - -# @property -# def input(self) -> Dict: -# """Return input""" -# return self._input - -# @property -# def input_digest(self) -> str: -# """Return input digest""" -# return self._input_digest - -# @property -# def operator_log(self) -> list[str]: -# """Return operator log""" -# return self._operator_log - -# @property -# def system_state(self) -> Dict: -# """Return system state""" -# return self._system_state - -# @property -# def cli_output(self) -> str: -# """Return cli output""" -# return self._cli_output - -# @property -# def runtime_result(self) -> RunResult: -# """Return runtime result""" -# return self._runtime_result - - -# def read_trial_dir(trial_dir: str) -> Dict[str, Step]: -# """Read a trial directory and return a list of steps""" - -# steps: Dict[str, Step] = {} -# for generation in range(0, 20): -# if not os.path.exists(f"{trial_dir}/mutated-{generation:03d}.yaml"): -# break - -# step = construct_step(trial_dir, generation) -# if step is None: -# continue -# else: -# steps[str(generation)] = step - -# return steps - - -# def construct_step(trial_dir, generation) -> Optional[Step]: -# """Construct a step from a trial directory and generation""" -# events_log_path = f"{trial_dir}/events-{generation:03d}.json" -# mutated_filename = f"{trial_dir}/mutated-{generation:03d}.yaml" -# operator_log_path = f"{trial_dir}/operator-{generation:03d}.log" -# system_state_path = f"{trial_dir}/system-state-{generation:03d}.json" -# cli_output_path = f"{trial_dir}/cli-output-{generation:03d}.log" -# runtime_result_path = ( -# f"{trial_dir}/generation-{generation:03d}-runtime.json" -# ) - -# if not os.path.exists(operator_log_path): -# return None - -# if not os.path.exists(runtime_result_path): -# return None - -# with open(mutated_filename, "r", encoding="utf-8") as input_file, open( -# operator_log_path, -# "r", -# encoding="utf-8", -# ) as operator_log_file, open( -# system_state_path, -# "r", -# encoding="utf-8", -# ) as system_state_file, open( -# events_log_path, -# "r", -# encoding="utf-8", -# ) as _, open( -# cli_output_path, -# "r", -# encoding="utf-8", -# ) as cli_output, open( -# runtime_result_path, -# "r", -# encoding="utf-8", -# ) as runtime_result_file: -# input_cr = yaml.load(input_file, Loader=yaml.FullLoader) -# operator_log = operator_log_file.read().splitlines() -# system_state = json.load(system_state_file) -# cli_result = json.load(cli_output) -# runtime_result = json.load(runtime_result_file) - -# return Step( -# trial_dir, -# generation, -# input_cr, -# operator_log, -# system_state, -# cli_result, -# runtime_result, -# ) - class PostProcessor: """Post processor base class""" @@ -169,9 +26,8 @@ def __init__(self, testrun_dir: str, config: OperatorConfig): # Initliaze trial dirs self._trials: List[str] = [] - self._trial_to_steps: dict[ - str, Trial - ] = {} # trial_dir -> steps, key by trial_dir string + # trial_dir -> steps, key by trial_dir string + self._trial_to_steps: dict[str, Trial] = {} trial_dirs = glob.glob(testrun_dir + "/*") for trial_dir in trial_dirs: if not os.path.isdir(trial_dir): diff --git a/acto/reproduce.py b/acto/reproduce.py index 9544ad21a1..791f26418d 100644 --- a/acto/reproduce.py +++ b/acto/reproduce.py @@ -1,5 +1,6 @@ import argparse import functools +import importlib import json import logging import os @@ -13,14 +14,16 @@ from acto import DEFAULT_KUBERNETES_VERSION from acto.engine import Acto -from acto.input.input import DeterministicInputModel +from acto.input import k8s_schemas, property_attribute +from acto.input.input import CustomKubernetesMapping, DeterministicInputModel from acto.input.testcase import TestCase from acto.input.testplan import TestGroup from acto.input.value_with_schema import ValueWithSchema -from acto.input.valuegenerator import extract_schema_with_value_generator from acto.lib.operator_config import OperatorConfig from acto.post_process.post_diff_test import PostDiffTest from acto.result import OracleResults +from acto.schema.base import BaseSchema +from acto.schema.schema import extract_schema from acto.utils import get_thread_logger @@ -81,9 +84,7 @@ def __init__( custom_module_path: Optional[str] = None, ) -> None: logger = get_thread_logger(with_prefix=True) - # WARNING: Not sure the initialization is correct - # TODO: The line below need to be reviewed. - self.root_schema = extract_schema_with_value_generator( + self.root_schema = extract_schema( [], crd["spec"]["versions"][-1]["schema"]["openAPIV3Schema"] ) self.testcases = [] @@ -107,6 +108,69 @@ def __init__( self.num_workers = 1 self.metadata = {} + override_matches: Optional[list[tuple[BaseSchema, str]]] = None + if custom_module_path is not None: + custom_module = importlib.import_module(custom_module_path) + + # We need to do very careful sanitization here because we are + # loading user-provided module + if hasattr(custom_module, "KUBERNETES_TYPE_MAPPING"): + custum_kubernetes_type_mapping = ( + custom_module.KUBERNETES_TYPE_MAPPING + ) + if isinstance(custum_kubernetes_type_mapping, list): + override_matches = [] + for custom_mapping in custum_kubernetes_type_mapping: + if isinstance(custom_mapping, CustomKubernetesMapping): + try: + schema = self.get_schema_by_path( + custom_mapping.schema_path + ) + except KeyError as exc: + raise RuntimeError( + "Schema path of the custom mapping is invalid: " + f"{custom_mapping.schema_path}" + ) from exc + + override_matches.append( + (schema, custom_mapping.kubernetes_schema_name) + ) + else: + raise TypeError( + "Expected CustomKubernetesMapping in KUBERNETES_TYPE_MAPPING, " + f"but got {type(custom_mapping)}" + ) + + # Do the matching from CRD to Kubernetes schemas + # Match the Kubernetes schemas to subproperties of the root schema + kubernetes_schema_matcher = k8s_schemas.K8sSchemaMatcher.from_version( + kubernetes_version, None + ) + top_matched_schemas = ( + kubernetes_schema_matcher.find_top_level_matched_schemas( + self.root_schema + ) + ) + for base_schema, k8s_schema_name in top_matched_schemas: + logging.info( + "Matched schema %s to k8s schema %s", + base_schema.get_path(), + k8s_schema_name, + ) + self.full_matched_schemas = ( + kubernetes_schema_matcher.expand_top_level_matched_schemas( + top_matched_schemas + ) + ) + + for base_schema, k8s_schema_name in self.full_matched_schemas: + base_schema.attributes |= ( + property_attribute.PropertyAttribute.Mapped + ) + + # Apply custom property attributes based on the property_attribute module + self.apply_custom_field() + def initialize(self, initial_value: dict): """Override""" From 09746d0e07ddaa52e7f9a3f8bdea7f8fbf04b375 Mon Sep 17 00:00:00 2001 From: Tianyin Xu Date: Wed, 28 Feb 2024 22:02:10 -0600 Subject: [PATCH 10/38] Update port.md --- docs/port.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/port.md b/docs/port.md index 413451e0e4..17faba50b6 100644 --- a/docs/port.md +++ b/docs/port.md @@ -965,9 +965,7 @@ options: Path to the testrun dir which contains the testing result ``` -## FAQ -Please refer to [FAQ](./FAQ.md) for frequently asked questions. -### Example of A True Alarm +### An Example of True Alarms Let’s take a look at one example how we analyzed one alarm produced by Acto and found the https://github.com/k8ssandra/cass-operator/issues/330 @@ -1013,7 +1011,7 @@ We first need to find the places in the source code which reference the property - Tracing backward to see how the returned values are used, we arrive at this line: https://github.com/k8ssandra/cass-operator/blob/53c637c22f0d5f1e2f4c09156591a47f7919e0b5/pkg/reconciliation/reconcile_services.go#L59. - We can see that the operator always merge the existing annotations with the annotations specified in the CR. This “merge” behavior causes the old annotations to be never deleted: https://github.com/k8ssandra/cass-operator/blob/53c637c22f0d5f1e2f4c09156591a47f7919e0b5/pkg/reconciliation/reconcile_services.go#L104. -### Example of Misoperation +### An Example of Misoperations Let’s take a look at one example of an alarm caused by a misoperation vulnerability in the tidb-operator. A misoperation vulnerability means that the operator failed to reject an erroneous desired state, and caused the system to be in an error state. @@ -1035,7 +1033,7 @@ Next, we need to figure out why the tidb-2 pod is recreated, but cannot be sched The root cause is because the desired Affinity specified in the TiDB CR cannot be satisfied in the current cluster state. The tidb-operator fails to reject the erroneous desired state, updates the TiDB cluster with the unsatisfiable Affinity rule, causing the cluster to lose one replica. -### Example of False Alarm +### An Example of False Alarms Acto’s oracles are not sound, meaning that Acto may report an alarm, but the operator’s behavior is correct. [Here](alarm_examples/false_alarm/) is an example of false alarms produced by Acto. From 53aa9e631f34c8545b138ea1092de58f7504e64b Mon Sep 17 00:00:00 2001 From: hzeng21 Date: Wed, 28 Feb 2024 23:12:43 -0600 Subject: [PATCH 11/38] Re enable arg helper_crd (#334) * Re-enable arg helper_crd * show helper crd path --- acto/__main__.py | 9 ++++++++- acto/engine.py | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/acto/__main__.py b/acto/__main__.py index f00cb09dac..94858e7d18 100644 --- a/acto/__main__.py +++ b/acto/__main__.py @@ -51,6 +51,13 @@ default=1, help="Number of concurrent workers to run Acto with", ) +parser.add_argument( + "--helper_crd", + dest="helper_crd", + type=str, + default="", + help="helper crd file to test on", +) parser.add_argument( "--num-cases", dest="num_cases", @@ -133,7 +140,7 @@ cluster_runtime="KIND", preload_images_=None, context_file=context_cache, - helper_crd=None, + helper_crd=args.helper_crd, num_workers=args.num_workers, num_cases=args.num_cases, dryrun=args.dryrun, diff --git a/acto/engine.py b/acto/engine.py index 665b877865..5f963fee35 100644 --- a/acto/engine.py +++ b/acto/engine.py @@ -952,7 +952,7 @@ def __learn(self, context_file, helper_crd, analysis_only=False): if deployed: break apiclient = kubernetes_client(learn_kubeconfig, learn_context_name) - + logger.debug("helper crd path is %s", helper_crd) self.context["crd"] = process_crd( apiclient, KubectlClient(learn_kubeconfig, learn_context_name), From 33ed51913513582c968f1e466db26383e8de659c Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 14:03:48 -0600 Subject: [PATCH 12/38] Update issue templates --- .../ISSUE_TEMPLATE/alarm-inspection-report.md | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/alarm-inspection-report.md diff --git a/.github/ISSUE_TEMPLATE/alarm-inspection-report.md b/.github/ISSUE_TEMPLATE/alarm-inspection-report.md new file mode 100644 index 0000000000..16aadc0610 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/alarm-inspection-report.md @@ -0,0 +1,21 @@ +--- +name: Alarm Inspection Report +about: An analysis report for the alarms produced by Acto +title: "[Alarm Inspection] " +labels: '' +assignees: '' + +--- + +## What happened +Why did Acto raise this alarm? +What happened in the state transition? +Why Acto’s oracles raised an alarm? + + +## Root Cause +Why did the operator behave in this way? Please find the exact block in the operator source code resulting in the behavior. + +## Expected behavior? +If it is a true alarm, how to fix it in the operator code? +If it is a false alarm, how to fix it in Acto code? From 5884845f81f0c43e9b4c86f0458b4fac9f909c86 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 14:11:59 -0600 Subject: [PATCH 13/38] Update alarm-inspection-report.md --- .../ISSUE_TEMPLATE/alarm-inspection-report.md | 41 +++++++++++-------- 1 file changed, 25 insertions(+), 16 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/alarm-inspection-report.md b/.github/ISSUE_TEMPLATE/alarm-inspection-report.md index 16aadc0610..c18c8538d0 100644 --- a/.github/ISSUE_TEMPLATE/alarm-inspection-report.md +++ b/.github/ISSUE_TEMPLATE/alarm-inspection-report.md @@ -1,21 +1,30 @@ ---- name: Alarm Inspection Report about: An analysis report for the alarms produced by Acto -title: "[Alarm Inspection] " labels: '' -assignees: '' +body: + - type: textarea + id: problem + attributes: + label: What happened? + description: | + Why did Acto raise this alarm? What happened in the state transition? Why Acto’s oracles raised an alarm? + validations: + required: true ---- + - type: textarea + id: root-cause + attributes: + label: What did you expect to happen? + description: | + Why did the operator behave in this way? Please find the exact block in the operator source code resulting in the behavior. + validations: + required: true -## What happened -Why did Acto raise this alarm? -What happened in the state transition? -Why Acto’s oracles raised an alarm? - - -## Root Cause -Why did the operator behave in this way? Please find the exact block in the operator source code resulting in the behavior. - -## Expected behavior? -If it is a true alarm, how to fix it in the operator code? -If it is a false alarm, how to fix it in Acto code? + - type: textarea + id: expected + attributes: + label: Root Cause + description: | + If it is a true alarm, how to fix it in the operator code? If it is a false alarm, how to fix it in Acto code? + validations: + required: true From ea26b103160d9d191374c09b8a905a1265183523 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 14:12:49 -0600 Subject: [PATCH 14/38] Rename alarm-inspection-report.md to alarm-inspection-report.yaml --- .../{alarm-inspection-report.md => alarm-inspection-report.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/ISSUE_TEMPLATE/{alarm-inspection-report.md => alarm-inspection-report.yaml} (100%) diff --git a/.github/ISSUE_TEMPLATE/alarm-inspection-report.md b/.github/ISSUE_TEMPLATE/alarm-inspection-report.yaml similarity index 100% rename from .github/ISSUE_TEMPLATE/alarm-inspection-report.md rename to .github/ISSUE_TEMPLATE/alarm-inspection-report.yaml From 4c344cebb651529a1c019cb2cd0419b337f71a4c Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 14:15:17 -0600 Subject: [PATCH 15/38] Update alarm-inspection-report.yaml --- .github/ISSUE_TEMPLATE/alarm-inspection-report.yaml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/alarm-inspection-report.yaml b/.github/ISSUE_TEMPLATE/alarm-inspection-report.yaml index c18c8538d0..d6b561ba0f 100644 --- a/.github/ISSUE_TEMPLATE/alarm-inspection-report.yaml +++ b/.github/ISSUE_TEMPLATE/alarm-inspection-report.yaml @@ -1,6 +1,5 @@ name: Alarm Inspection Report -about: An analysis report for the alarms produced by Acto -labels: '' +description: An analysis report for the alarms produced by Acto body: - type: textarea id: problem @@ -15,8 +14,8 @@ body: id: root-cause attributes: label: What did you expect to happen? - description: | - Why did the operator behave in this way? Please find the exact block in the operator source code resulting in the behavior. + description: | + Why did the operator behave in this way? Please find the exact block in the operator source code resulting in the behavior. validations: required: true @@ -24,7 +23,7 @@ body: id: expected attributes: label: Root Cause - description: | - If it is a true alarm, how to fix it in the operator code? If it is a false alarm, how to fix it in Acto code? + description: | + If it is a true alarm, how to fix it in the operator code? If it is a false alarm, how to fix it in Acto code? validations: required: true From d2ab6b2f0f434478aae43aeab44d93aa2d9fde27 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 14:32:52 -0600 Subject: [PATCH 16/38] Update issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000000..891c617754 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,27 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Additional context** +Add any other context about the problem here. From 2997980347e1ca7ed70189e94911b551aae6c1d5 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 14:33:37 -0600 Subject: [PATCH 17/38] Update issue templates --- .github/ISSUE_TEMPLATE/feature_request.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000000..bbcbbe7d61 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. From ad864189dad6871307bb08a9cbbc53b0f4cac7a8 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 17:17:27 -0600 Subject: [PATCH 18/38] Fix security alert from dependencies (#337) Signed-off-by: Tyler Gu --- pyproject.toml | 2 +- requirements-dev.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 06d040d18d..66e2ed2c6c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -28,7 +28,7 @@ dev = [ "pip-tools~=7.3.0", "pre-commit~=3.6.0", "ansible-core>=2.16.3", - "cryptography>=42.0.0", + "cryptography>=42.0.4", "aiohttp>=3.9.2", "jinja2>=3.1.3", "isort", diff --git a/requirements-dev.txt b/requirements-dev.txt index faf20395c5..10b0c2542e 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -46,7 +46,7 @@ coverage[toml]==7.3.3 # via # coverage # pytest-cov -cryptography==42.0.2 +cryptography==42.0.5 # via # acto (pyproject.toml) # ansible-core From 89be38bee7df75b853ca98d4acedf37cd4db63e9 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Thu, 29 Feb 2024 17:17:35 -0600 Subject: [PATCH 19/38] Fix optional argument helper_crd (#338) Signed-off-by: Tyler Gu --- acto/__main__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/acto/__main__.py b/acto/__main__.py index 94858e7d18..0ca73a0166 100644 --- a/acto/__main__.py +++ b/acto/__main__.py @@ -55,7 +55,6 @@ "--helper_crd", dest="helper_crd", type=str, - default="", help="helper crd file to test on", ) parser.add_argument( From ab6873a0399817fadf3d5044e7e05088b3fbc828 Mon Sep 17 00:00:00 2001 From: Tyler Gu Date: Thu, 29 Feb 2024 21:46:55 -0600 Subject: [PATCH 20/38] Fix test case mount Signed-off-by: Tyler Gu --- acto/input/input.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/acto/input/input.py b/acto/input/input.py index 920c0c46b3..f7271f28f0 100644 --- a/acto/input/input.py +++ b/acto/input/input.py @@ -293,7 +293,9 @@ def generate_test_plan( normal_testcases = {} - test_cases = get_testcases(self.root_schema, self.full_matched_schemas) + test_cases = get_testcases( + self.get_schema_by_path(self.mount), self.full_matched_schemas + ) num_test_cases = 0 num_run_test_cases = 0 From 3627346a112dcec492bcb9f3c7989f7aeeb63c5d Mon Sep 17 00:00:00 2001 From: Erdao <66999583+TwinIsland@users.noreply.github.com> Date: Fri, 1 Mar 2024 12:27:24 -0600 Subject: [PATCH 21/38] Fix retry logic for deploying operators (#339) --- acto/engine.py | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/acto/engine.py b/acto/engine.py index 5f963fee35..5ad5021346 100644 --- a/acto/engine.py +++ b/acto/engine.py @@ -933,24 +933,24 @@ def __learn(self, context_file, helper_crd, analysis_only=False): os.path.expanduser("~"), ".kube", learn_context_name ) - while True: - self.cluster.restart_cluster("learn", learn_kubeconfig) - namespace = ( - get_yaml_existing_namespace(self.deploy.operator_yaml) - or CONST.ACTO_NAMESPACE - ) - self.context["namespace"] = namespace - kubectl_client = KubectlClient( - learn_kubeconfig, learn_context_name - ) - deployed = self.deploy.deploy_with_retry( - learn_kubeconfig, - learn_context_name, - kubectl_client=kubectl_client, - namespace=namespace, + self.cluster.restart_cluster("learn", learn_kubeconfig) + namespace = ( + get_yaml_existing_namespace(self.deploy.operator_yaml) + or CONST.ACTO_NAMESPACE + ) + self.context["namespace"] = namespace + kubectl_client = KubectlClient(learn_kubeconfig, learn_context_name) + deployed = self.deploy.deploy_with_retry( + learn_kubeconfig, + learn_context_name, + kubectl_client=kubectl_client, + namespace=namespace, + ) + if not deployed: + raise RuntimeError( + f"Failed to deploy operator due to max retry exceed" ) - if deployed: - break + apiclient = kubernetes_client(learn_kubeconfig, learn_context_name) logger.debug("helper crd path is %s", helper_crd) self.context["crd"] = process_crd( From 800dbfcf36fe4262807a9e7f4908879e2ff547c1 Mon Sep 17 00:00:00 2001 From: Tianyin Xu Date: Tue, 5 Mar 2024 01:17:42 -0600 Subject: [PATCH 22/38] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 80618d7750..491f8c4ba9 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Acto: Push-Button End-to-End Testing of Kubernetes Operators/Controllers +# Acto: Push-Button End-to-End Testing of Kubernetes Operators and Controllers [![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Regression Test](https://github.com/xlab-uiuc/acto/actions/workflows/unittest.yaml/badge.svg)](https://github.com/xlab-uiuc/acto/actions/workflows/unittest.yaml) [![End-to-End Test](https://github.com/xlab-uiuc/acto/actions/workflows/e2e-test.yml/badge.svg)](https://github.com/xlab-uiuc/acto/actions/workflows/e2e-test.yml) From 4d0692f334e8cbbca6ed69bac5e9e7a16909da37 Mon Sep 17 00:00:00 2001 From: TZ-zzz <77227890+TZ-zzz@users.noreply.github.com> Date: Fri, 8 Mar 2024 00:37:04 -0600 Subject: [PATCH 23/38] Add minio-operator config (#342) * add minio operator config * add context.json --- data/minio-operator/config.json | 29 + data/minio-operator/context.json | 7810 ++++++++++++++++++++++++ data/minio-operator/cr.yaml | 81 + data/minio-operator/operator.yaml | 5802 ++++++++++++++++++ data/minio-operator/storage-user.yaml | 9 + data/minio-operator/tenant-config.yaml | 11 + 6 files changed, 13742 insertions(+) create mode 100644 data/minio-operator/config.json create mode 100644 data/minio-operator/context.json create mode 100644 data/minio-operator/cr.yaml create mode 100644 data/minio-operator/operator.yaml create mode 100644 data/minio-operator/storage-user.yaml create mode 100644 data/minio-operator/tenant-config.yaml diff --git a/data/minio-operator/config.json b/data/minio-operator/config.json new file mode 100644 index 0000000000..04c693b81d --- /dev/null +++ b/data/minio-operator/config.json @@ -0,0 +1,29 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/minio-operator/operator.yaml", + "operator": true + } + }, + { + "wait": { + "duration": 10 + } + }, + { + "apply": { + "file": "data/minio-operator/tenant-config.yaml" + } + }, + { + "apply": { + "file": "data/minio-operator/storage-user.yaml" + } + } + ] + }, + "crd_name": "tenants.minio.min.io", + "seed_custom_resource": "data/minio-operator/cr.yaml" +} diff --git a/data/minio-operator/context.json b/data/minio-operator/context.json new file mode 100644 index 0000000000..cdad7d8e4e --- /dev/null +++ b/data/minio-operator/context.json @@ -0,0 +1,7810 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.11.1", + "operator.min.io/authors": "MinIO, Inc.", + "operator.min.io/license": "AGPLv3", + "operator.min.io/support": "https://subnet.min.io" + }, + "creationTimestamp": "2024-03-01T08:19:09Z", + "generation": 1, + "name": "tenants.minio.min.io", + "resourceVersion": "681", + "uid": "de8ffbca-c518-40e9-a8f6-f01ab31d565e" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "minio.min.io", + "names": { + "kind": "Tenant", + "listKind": "TenantList", + "plural": "tenants", + "shortNames": [ + "tenant" + ], + "singular": "tenant" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "jsonPath": ".status.currentState", + "name": "State", + "type": "string" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v2", + "schema": { + "openAPIV3Schema": { + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "scheduler": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "spec": { + "properties": { + "additionalVolumeMounts": { + "items": { + "properties": { + "mountPath": { + "type": "string" + }, + "mountPropagation": { + "type": "string" + }, + "name": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "subPath": { + "type": "string" + }, + "subPathExpr": { + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "additionalVolumes": { + "items": { + "properties": { + "awsElasticBlockStore": { + "properties": { + "fsType": { + "type": "string" + }, + "partition": { + "format": "int32", + "type": "integer" + }, + "readOnly": { + "type": "boolean" + }, + "volumeID": { + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "properties": { + "cachingMode": { + "type": "string" + }, + "diskName": { + "type": "string" + }, + "diskURI": { + "type": "string" + }, + "fsType": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "properties": { + "readOnly": { + "type": "boolean" + }, + "secretName": { + "type": "string" + }, + "shareName": { + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "properties": { + "monitors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretFile": { + "type": "string" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "properties": { + "fsType": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "properties": { + "driver": { + "type": "string" + }, + "fsType": { + "type": "string" + }, + "nodePublishSecretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "items": { + "items": { + "properties": { + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "properties": { + "medium": { + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "properties": { + "volumeClaimTemplate": { + "properties": { + "metadata": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "type": "string" + }, + "volumeMode": { + "type": "string" + }, + "volumeName": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "properties": { + "fsType": { + "type": "string" + }, + "lun": { + "format": "int32", + "type": "integer" + }, + "readOnly": { + "type": "boolean" + }, + "targetWWNs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "properties": { + "driver": { + "type": "string" + }, + "fsType": { + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "properties": { + "datasetName": { + "type": "string" + }, + "datasetUUID": { + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "properties": { + "fsType": { + "type": "string" + }, + "partition": { + "format": "int32", + "type": "integer" + }, + "pdName": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "properties": { + "directory": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "revision": { + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "properties": { + "endpoints": { + "type": "string" + }, + "path": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "properties": { + "path": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "properties": { + "chapAuthDiscovery": { + "type": "boolean" + }, + "chapAuthSession": { + "type": "boolean" + }, + "fsType": { + "type": "string" + }, + "initiatorName": { + "type": "string" + }, + "iqn": { + "type": "string" + }, + "iscsiInterface": { + "type": "string" + }, + "lun": { + "format": "int32", + "type": "integer" + }, + "portals": { + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "type": "string" + }, + "nfs": { + "properties": { + "path": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "server": { + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "properties": { + "claimName": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "properties": { + "fsType": { + "type": "string" + }, + "pdID": { + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "properties": { + "fsType": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "volumeID": { + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "sources": { + "items": { + "properties": { + "configMap": { + "properties": { + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "properties": { + "items": { + "items": { + "properties": { + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "properties": { + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "properties": { + "audience": { + "type": "string" + }, + "expirationSeconds": { + "format": "int64", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "properties": { + "group": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "registry": { + "type": "string" + }, + "tenant": { + "type": "string" + }, + "user": { + "type": "string" + }, + "volume": { + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "properties": { + "fsType": { + "type": "string" + }, + "image": { + "type": "string" + }, + "keyring": { + "type": "string" + }, + "monitors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "properties": { + "fsType": { + "type": "string" + }, + "gateway": { + "type": "string" + }, + "protectionDomain": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "type": "boolean" + }, + "storageMode": { + "type": "string" + }, + "storagePool": { + "type": "string" + }, + "system": { + "type": "string" + }, + "volumeName": { + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "type": "boolean" + }, + "secretName": { + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "properties": { + "fsType": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "type": "string" + }, + "volumeNamespace": { + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "properties": { + "fsType": { + "type": "string" + }, + "storagePolicyID": { + "type": "string" + }, + "storagePolicyName": { + "type": "string" + }, + "volumePath": { + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "buckets": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "objectLock": { + "type": "boolean" + }, + "region": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "certConfig": { + "properties": { + "commonName": { + "type": "string" + }, + "dnsNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "organizationName": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "configuration": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "credsSecret": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "exposeServices": { + "properties": { + "console": { + "type": "boolean" + }, + "minio": { + "type": "boolean" + } + }, + "type": "object" + }, + "externalCaCertSecret": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "externalCertSecret": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "externalClientCertSecret": { + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "externalClientCertSecrets": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "features": { + "properties": { + "bucketDNS": { + "type": "boolean" + }, + "domains": { + "properties": { + "console": { + "type": "string" + }, + "minio": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "enableSFTP": { + "type": "boolean" + } + }, + "type": "object" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "type": "string" + }, + "imagePullSecret": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "initContainers": { + "items": { + "properties": { + "args": { + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "items": { + "properties": { + "configMapRef": { + "properties": { + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "type": "string" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "type": "string" + }, + "lifecycle": { + "properties": { + "postStart": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "ports": { + "items": { + "properties": { + "containerPort": { + "format": "int32", + "type": "integer" + }, + "hostIP": { + "type": "string" + }, + "hostPort": { + "format": "int32", + "type": "integer" + }, + "name": { + "type": "string" + }, + "protocol": { + "default": "TCP", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "items": { + "properties": { + "resourceName": { + "type": "string" + }, + "restartPolicy": { + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "type": "string" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "type": "boolean" + }, + "stdinOnce": { + "type": "boolean" + }, + "terminationMessagePath": { + "type": "string" + }, + "terminationMessagePolicy": { + "type": "string" + }, + "tty": { + "type": "boolean" + }, + "volumeDevices": { + "items": { + "properties": { + "devicePath": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "items": { + "properties": { + "mountPath": { + "type": "string" + }, + "mountPropagation": { + "type": "string" + }, + "name": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "subPath": { + "type": "string" + }, + "subPathExpr": { + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "kes": { + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "clientCertSecret": { + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "externalCertSecret": { + "properties": { + "name": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "gcpCredentialSecretName": { + "type": "string" + }, + "gcpWorkloadIdentityPool": { + "type": "string" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "type": "string" + }, + "kesSecret": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "keyName": { + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "replicas": { + "format": "int32", + "type": "integer" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "properties": { + "fsGroup": { + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "type": "string" + }, + "runAsGroup": { + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccountName": { + "type": "string" + }, + "tolerations": { + "items": { + "properties": { + "effect": { + "type": "string" + }, + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "tolerationSeconds": { + "format": "int64", + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "maxSkew": { + "format": "int32", + "type": "integer" + }, + "minDomains": { + "format": "int32", + "type": "integer" + }, + "nodeAffinityPolicy": { + "type": "string" + }, + "nodeTaintsPolicy": { + "type": "string" + }, + "topologyKey": { + "type": "string" + }, + "whenUnsatisfiable": { + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "kesSecret" + ], + "type": "object" + }, + "liveness": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "logging": { + "properties": { + "anonymous": { + "type": "boolean" + }, + "json": { + "type": "boolean" + }, + "quiet": { + "type": "boolean" + } + }, + "type": "object" + }, + "mountPath": { + "type": "string" + }, + "podManagementPolicy": { + "type": "string" + }, + "pools": { + "items": { + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "containerSecurityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "reclaimStorage": { + "type": "boolean" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "runtimeClassName": { + "type": "string" + }, + "securityContext": { + "properties": { + "fsGroup": { + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "type": "string" + }, + "runAsGroup": { + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "servers": { + "format": "int32", + "type": "integer" + }, + "tolerations": { + "items": { + "properties": { + "effect": { + "type": "string" + }, + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "tolerationSeconds": { + "format": "int64", + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "maxSkew": { + "format": "int32", + "type": "integer" + }, + "minDomains": { + "format": "int32", + "type": "integer" + }, + "nodeAffinityPolicy": { + "type": "string" + }, + "nodeTaintsPolicy": { + "type": "string" + }, + "topologyKey": { + "type": "string" + }, + "whenUnsatisfiable": { + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + }, + "volumeClaimTemplate": { + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "type": "string" + }, + "volumeMode": { + "type": "string" + }, + "volumeName": { + "type": "string" + } + }, + "type": "object" + }, + "status": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResourceStatuses": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "x-kubernetes-map-type": "granular" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "conditions": { + "items": { + "properties": { + "lastProbeTime": { + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "reason": { + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "volumesPerServer": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "servers", + "volumeClaimTemplate", + "volumesPerServer" + ], + "type": "object" + }, + "type": "array" + }, + "priorityClassName": { + "type": "string" + }, + "prometheusOperator": { + "type": "boolean" + }, + "readiness": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "requestAutoCert": { + "type": "boolean" + }, + "serviceAccountName": { + "type": "string" + }, + "serviceMetadata": { + "properties": { + "consoleServiceAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "consoleServiceLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "minioServiceAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "minioServiceLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "sideCars": { + "properties": { + "containers": { + "items": { + "properties": { + "args": { + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + }, + "valueFrom": { + "properties": { + "configMapKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "items": { + "properties": { + "configMapRef": { + "properties": { + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "type": "string" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "type": "string" + }, + "lifecycle": { + "properties": { + "postStart": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "ports": { + "items": { + "properties": { + "containerPort": { + "format": "int32", + "type": "integer" + }, + "hostIP": { + "type": "string" + }, + "hostPort": { + "format": "int32", + "type": "integer" + }, + "name": { + "type": "string" + }, + "protocol": { + "default": "TCP", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "items": { + "properties": { + "resourceName": { + "type": "string" + }, + "restartPolicy": { + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "type": "string" + }, + "securityContext": { + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "capabilities": { + "properties": { + "add": { + "items": { + "type": "string" + }, + "type": "array" + }, + "drop": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "type": "boolean" + }, + "procMount": { + "type": "string" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "type": "boolean" + }, + "runAsUser": { + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "properties": { + "level": { + "type": "string" + }, + "role": { + "type": "string" + }, + "type": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "properties": { + "localhostProfile": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "properties": { + "gmsaCredentialSpec": { + "type": "string" + }, + "gmsaCredentialSpecName": { + "type": "string" + }, + "hostProcess": { + "type": "boolean" + }, + "runAsUserName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "type": "boolean" + }, + "stdinOnce": { + "type": "boolean" + }, + "terminationMessagePath": { + "type": "string" + }, + "terminationMessagePolicy": { + "type": "string" + }, + "tty": { + "type": "boolean" + }, + "volumeDevices": { + "items": { + "properties": { + "devicePath": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "items": { + "properties": { + "mountPath": { + "type": "string" + }, + "mountPropagation": { + "type": "string" + }, + "name": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "subPath": { + "type": "string" + }, + "subPathExpr": { + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "volumeClaimTemplates": { + "items": { + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "type": "string" + }, + "volumeMode": { + "type": "string" + }, + "volumeName": { + "type": "string" + } + }, + "type": "object" + }, + "status": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResourceStatuses": { + "additionalProperties": { + "type": "string" + }, + "type": "object", + "x-kubernetes-map-type": "granular" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "conditions": { + "items": { + "properties": { + "lastProbeTime": { + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "reason": { + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "volumes": { + "items": { + "properties": { + "awsElasticBlockStore": { + "properties": { + "fsType": { + "type": "string" + }, + "partition": { + "format": "int32", + "type": "integer" + }, + "readOnly": { + "type": "boolean" + }, + "volumeID": { + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "properties": { + "cachingMode": { + "type": "string" + }, + "diskName": { + "type": "string" + }, + "diskURI": { + "type": "string" + }, + "fsType": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "properties": { + "readOnly": { + "type": "boolean" + }, + "secretName": { + "type": "string" + }, + "shareName": { + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "properties": { + "monitors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretFile": { + "type": "string" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "properties": { + "fsType": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "properties": { + "driver": { + "type": "string" + }, + "fsType": { + "type": "string" + }, + "nodePublishSecretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "items": { + "items": { + "properties": { + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "properties": { + "medium": { + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "properties": { + "volumeClaimTemplate": { + "properties": { + "metadata": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "properties": { + "apiGroup": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "type": "string" + }, + "volumeMode": { + "type": "string" + }, + "volumeName": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "properties": { + "fsType": { + "type": "string" + }, + "lun": { + "format": "int32", + "type": "integer" + }, + "readOnly": { + "type": "boolean" + }, + "targetWWNs": { + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "properties": { + "driver": { + "type": "string" + }, + "fsType": { + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "properties": { + "datasetName": { + "type": "string" + }, + "datasetUUID": { + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "properties": { + "fsType": { + "type": "string" + }, + "partition": { + "format": "int32", + "type": "integer" + }, + "pdName": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "properties": { + "directory": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "revision": { + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "properties": { + "endpoints": { + "type": "string" + }, + "path": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "properties": { + "path": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "properties": { + "chapAuthDiscovery": { + "type": "boolean" + }, + "chapAuthSession": { + "type": "boolean" + }, + "fsType": { + "type": "string" + }, + "initiatorName": { + "type": "string" + }, + "iqn": { + "type": "string" + }, + "iscsiInterface": { + "type": "string" + }, + "lun": { + "format": "int32", + "type": "integer" + }, + "portals": { + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "type": "string" + }, + "nfs": { + "properties": { + "path": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "server": { + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "properties": { + "claimName": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "properties": { + "fsType": { + "type": "string" + }, + "pdID": { + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "properties": { + "fsType": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "volumeID": { + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "sources": { + "items": { + "properties": { + "configMap": { + "properties": { + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "properties": { + "items": { + "items": { + "properties": { + "fieldRef": { + "properties": { + "apiVersion": { + "type": "string" + }, + "fieldPath": { + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + }, + "resourceFieldRef": { + "properties": { + "containerName": { + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "properties": { + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "optional": { + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "properties": { + "audience": { + "type": "string" + }, + "expirationSeconds": { + "format": "int64", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "properties": { + "group": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "registry": { + "type": "string" + }, + "tenant": { + "type": "string" + }, + "user": { + "type": "string" + }, + "volume": { + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "properties": { + "fsType": { + "type": "string" + }, + "image": { + "type": "string" + }, + "keyring": { + "type": "string" + }, + "monitors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "properties": { + "fsType": { + "type": "string" + }, + "gateway": { + "type": "string" + }, + "protectionDomain": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "type": "boolean" + }, + "storageMode": { + "type": "string" + }, + "storagePool": { + "type": "string" + }, + "system": { + "type": "string" + }, + "volumeName": { + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "properties": { + "defaultMode": { + "format": "int32", + "type": "integer" + }, + "items": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "mode": { + "format": "int32", + "type": "integer" + }, + "path": { + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "type": "boolean" + }, + "secretName": { + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "properties": { + "fsType": { + "type": "string" + }, + "readOnly": { + "type": "boolean" + }, + "secretRef": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "type": "string" + }, + "volumeNamespace": { + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "properties": { + "fsType": { + "type": "string" + }, + "storagePolicyID": { + "type": "string" + }, + "storagePolicyName": { + "type": "string" + }, + "volumePath": { + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "startup": { + "properties": { + "exec": { + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "grpc": { + "properties": { + "port": { + "format": "int32", + "type": "integer" + }, + "service": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "properties": { + "host": { + "type": "string" + }, + "httpHeaders": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + }, + "scheme": { + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "properties": { + "host": { + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "subPath": { + "type": "string" + }, + "users": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "pools" + ], + "type": "object" + }, + "status": { + "properties": { + "availableReplicas": { + "format": "int32", + "type": "integer" + }, + "certificates": { + "nullable": true, + "properties": { + "autoCertEnabled": { + "nullable": true, + "type": "boolean" + }, + "customCertificates": { + "nullable": true, + "properties": { + "client": { + "items": { + "properties": { + "certName": { + "type": "string" + }, + "domains": { + "items": { + "type": "string" + }, + "type": "array" + }, + "expiresIn": { + "type": "string" + }, + "expiry": { + "type": "string" + }, + "serialNo": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "minio": { + "items": { + "properties": { + "certName": { + "type": "string" + }, + "domains": { + "items": { + "type": "string" + }, + "type": "array" + }, + "expiresIn": { + "type": "string" + }, + "expiry": { + "type": "string" + }, + "serialNo": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "minioCAs": { + "items": { + "properties": { + "certName": { + "type": "string" + }, + "domains": { + "items": { + "type": "string" + }, + "type": "array" + }, + "expiresIn": { + "type": "string" + }, + "expiry": { + "type": "string" + }, + "serialNo": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "currentState": { + "type": "string" + }, + "drivesHealing": { + "format": "int32", + "type": "integer" + }, + "drivesOffline": { + "format": "int32", + "type": "integer" + }, + "drivesOnline": { + "format": "int32", + "type": "integer" + }, + "healthMessage": { + "type": "string" + }, + "healthStatus": { + "type": "string" + }, + "pools": { + "items": { + "properties": { + "legacySecurityContext": { + "type": "boolean" + }, + "ssName": { + "type": "string" + }, + "state": { + "type": "string" + } + }, + "required": [ + "ssName", + "state" + ], + "type": "object" + }, + "nullable": true, + "type": "array" + }, + "provisionedBuckets": { + "type": "boolean" + }, + "provisionedUsers": { + "type": "boolean" + }, + "revision": { + "format": "int32", + "type": "integer" + }, + "syncVersion": { + "type": "string" + }, + "usage": { + "properties": { + "capacity": { + "format": "int64", + "type": "integer" + }, + "rawCapacity": { + "format": "int64", + "type": "integer" + }, + "rawUsage": { + "format": "int64", + "type": "integer" + }, + "tiers": { + "items": { + "properties": { + "Name": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "totalSize": { + "format": "int64", + "type": "integer" + } + }, + "required": [ + "Name", + "totalSize" + ], + "type": "object" + }, + "type": "array" + }, + "usage": { + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "waitingOnReady": { + "format": "date-time", + "type": "string" + }, + "writeQuorum": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "availableReplicas", + "certificates", + "currentState", + "pools", + "revision", + "syncVersion" + ], + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "Tenant", + "listKind": "TenantList", + "plural": "tenants", + "shortNames": [ + "tenant" + ], + "singular": "tenant" + }, + "conditions": [ + { + "lastTransitionTime": "2024-03-01T08:19:09Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-03-01T08:19:10Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v2" + ] + } + }, + "group": "minio.min.io", + "plural": "tenants", + "version": "v2" + }, + "learnrun_time": 217.76661849021912, + "namespace": "minio-operator", + "preload_images": [ + "docker.io/minio/operator:v5.0.11", + "quay.io/minio/minio:RELEASE.2024-02-09T21-25-16Z" + ], + "static_analysis_time": 9.059906005859375e-06 +} \ No newline at end of file diff --git a/data/minio-operator/cr.yaml b/data/minio-operator/cr.yaml new file mode 100644 index 0000000000..e35192092f --- /dev/null +++ b/data/minio-operator/cr.yaml @@ -0,0 +1,81 @@ +apiVersion: minio.min.io/v2 +kind: Tenant +metadata: + name: test-cluster + namespace: minio-operator +scheduler: + name: "" +spec: + certConfig: + commonName: '*.minio-tenant-1-hl.minio-tenant-1.svc.cluster.local' + dnsNames: + - minio-tenant-1-ss-0-{0...2}.minio-tenant-1-hl.minio-tenant-1.svc.cluster.local + organizationName: + - system:nodes + configuration: + name: storage-configuration + exposeServices: {} + features: + enableSFTP: false + image: minio/minio:RELEASE.2024-01-31T20-20-33Z + imagePullPolicy: IfNotPresent + imagePullSecret: {} + mountPath: /export + podManagementPolicy: Parallel + pools: + - affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: v1.min.io/tenant + operator: In + values: + - minio-tenant-1 + topologyKey: kubernetes.io/hostname + name: ss-0 + resources: {} + servers: 1 + volumeClaimTemplate: + apiVersion: v1 + kind: persistentvolumeclaims + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: standard + status: {} + volumesPerServer: 1 + requestAutoCert: true + serviceAccountName: minio-tenant-1-sa + users: + - name: storage-user +status: + availableReplicas: 0 + certificates: {} + currentState: "" + pools: null + revision: 0 + syncVersion: "" + usage: {} + +# --- +# apiVersion: v1 +# data: +# config.env: ZXhwb3J0IE1JTklPX1JPT1RfVVNFUj0iQ0U4NzdHWVlLUUNENDJOREVCODQiCmV4cG9ydCBNSU5JT19ST09UX1BBU1NXT1JEPSJLcmQ5QmNTQ0JoZXVIaFBKenB1M2QwOFVVdXRvUFBBWTZHU3JjQ1FVIgo= +# kind: Secret +# metadata: +# name: minio-tenant-1-env-configuration +# namespace: minio-operator + +# --- +# apiVersion: v1 +# data: +# CONSOLE_ACCESS_KEY: MExZSVY3V1lJWk5VWVlOQzVIUU8= +# CONSOLE_SECRET_KEY: dEoxVWVvRkwyZ04zME1BSWlqdHJUVTcxZXZHN1pIZkRNMkdIYkgwZg== +# kind: Secret +# metadata: +# name: minio-tenant-1-user-1 +# namespace: minio-operator diff --git a/data/minio-operator/operator.yaml b/data/minio-operator/operator.yaml new file mode 100644 index 0000000000..74eefd988d --- /dev/null +++ b/data/minio-operator/operator.yaml @@ -0,0 +1,5802 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: minio-operator +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + creationTimestamp: null + name: policybindings.sts.min.io +spec: + group: sts.min.io + names: + kind: PolicyBinding + listKind: PolicyBindingList + plural: policybindings + shortNames: + - policybinding + singular: policybinding + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.currentState + name: State + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + application: + properties: + namespace: + type: string + serviceaccount: + type: string + required: + - namespace + - serviceaccount + type: object + policies: + items: + type: string + type: array + required: + - application + - policies + type: object + status: + properties: + currentState: + type: string + usage: + nullable: true + properties: + authotizations: + format: int64 + type: integer + type: object + required: + - currentState + - usage + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + creationTimestamp: null + name: tenants.minio.min.io +spec: + group: minio.min.io + names: + kind: Tenant + listKind: TenantList + plural: tenants + shortNames: + - tenant + singular: tenant + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.currentState + name: State + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v2 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + scheduler: + properties: + name: + type: string + required: + - name + type: object + spec: + properties: + additionalVolumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + additionalVolumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + buckets: + items: + properties: + name: + type: string + objectLock: + type: boolean + region: + type: string + type: object + type: array + certConfig: + properties: + commonName: + type: string + dnsNames: + items: + type: string + type: array + organizationName: + items: + type: string + type: array + type: object + configuration: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + credsSecret: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + exposeServices: + properties: + console: + type: boolean + minio: + type: boolean + type: object + externalCaCertSecret: + items: + properties: + name: + type: string + type: + type: string + required: + - name + type: object + type: array + externalCertSecret: + items: + properties: + name: + type: string + type: + type: string + required: + - name + type: object + type: array + externalClientCertSecret: + properties: + name: + type: string + type: + type: string + required: + - name + type: object + externalClientCertSecrets: + items: + properties: + name: + type: string + type: + type: string + required: + - name + type: object + type: array + features: + properties: + bucketDNS: + type: boolean + domains: + properties: + console: + type: string + minio: + items: + type: string + type: array + type: object + enableSFTP: + type: boolean + type: object + image: + type: string + imagePullPolicy: + type: string + imagePullSecret: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + kes: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + clientCertSecret: + properties: + name: + type: string + type: + type: string + required: + - name + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + externalCertSecret: + properties: + name: + type: string + type: + type: string + required: + - name + type: object + gcpCredentialSecretName: + type: string + gcpWorkloadIdentityPool: + type: string + image: + type: string + imagePullPolicy: + type: string + kesSecret: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + keyName: + type: string + labels: + additionalProperties: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccountName: + type: string + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + required: + - kesSecret + type: object + liveness: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + logging: + properties: + anonymous: + type: boolean + json: + type: boolean + quiet: + type: boolean + type: object + mountPath: + type: string + podManagementPolicy: + type: string + pools: + items: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + reclaimStorage: + type: boolean + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + runtimeClassName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + servers: + format: int32 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeClaimTemplate: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + status: + properties: + accessModes: + items: + type: string + type: array + allocatedResourceStatuses: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + phase: + type: string + type: object + type: object + volumesPerServer: + format: int32 + type: integer + required: + - servers + - volumeClaimTemplate + - volumesPerServer + type: object + type: array + priorityClassName: + type: string + prometheusOperator: + type: boolean + readiness: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + requestAutoCert: + type: boolean + serviceAccountName: + type: string + serviceMetadata: + properties: + consoleServiceAnnotations: + additionalProperties: + type: string + type: object + consoleServiceLabels: + additionalProperties: + type: string + type: object + minioServiceAnnotations: + additionalProperties: + type: string + type: object + minioServiceLabels: + additionalProperties: + type: string + type: object + type: object + sideCars: + properties: + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + restartPolicy: + type: string + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + volumeClaimTemplates: + items: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + status: + properties: + accessModes: + items: + type: string + type: array + allocatedResourceStatuses: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + phase: + type: string + type: object + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + startup: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + subPath: + type: string + users: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + required: + - pools + type: object + status: + properties: + availableReplicas: + format: int32 + type: integer + certificates: + nullable: true + properties: + autoCertEnabled: + nullable: true + type: boolean + customCertificates: + nullable: true + properties: + client: + items: + properties: + certName: + type: string + domains: + items: + type: string + type: array + expiresIn: + type: string + expiry: + type: string + serialNo: + type: string + type: object + type: array + minio: + items: + properties: + certName: + type: string + domains: + items: + type: string + type: array + expiresIn: + type: string + expiry: + type: string + serialNo: + type: string + type: object + type: array + minioCAs: + items: + properties: + certName: + type: string + domains: + items: + type: string + type: array + expiresIn: + type: string + expiry: + type: string + serialNo: + type: string + type: object + type: array + type: object + type: object + currentState: + type: string + drivesHealing: + format: int32 + type: integer + drivesOffline: + format: int32 + type: integer + drivesOnline: + format: int32 + type: integer + healthMessage: + type: string + healthStatus: + type: string + pools: + items: + properties: + legacySecurityContext: + type: boolean + ssName: + type: string + state: + type: string + required: + - ssName + - state + type: object + nullable: true + type: array + provisionedBuckets: + type: boolean + provisionedUsers: + type: boolean + revision: + format: int32 + type: integer + syncVersion: + type: string + usage: + properties: + capacity: + format: int64 + type: integer + rawCapacity: + format: int64 + type: integer + rawUsage: + format: int64 + type: integer + tiers: + items: + properties: + Name: + type: string + Type: + type: string + totalSize: + format: int64 + type: integer + required: + - Name + - totalSize + type: object + type: array + usage: + format: int64 + type: integer + type: object + waitingOnReady: + format: date-time + type: string + writeQuorum: + format: int32 + type: integer + required: + - availableReplicas + - certificates + - currentState + - pools + - revision + - syncVersion + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: console-sa + namespace: minio-operator +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: minio-operator + namespace: minio-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: console-sa-role +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - watch + - create + - list + - patch + - update + - delete + - deletecollection +- apiGroups: + - "" + resources: + - namespaces + - services + - events + - resourcequotas + - nodes + verbs: + - get + - watch + - create + - list + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - create + - list + - patch + - delete + - deletecollection +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - deletecollection + - list + - get + - watch + - update +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - watch + - create + - list + - patch +- apiGroups: + - apps + resources: + - statefulsets + - deployments + verbs: + - get + - create + - list + - patch + - watch + - update + - delete +- apiGroups: + - batch + resources: + - jobs + verbs: + - get + - create + - list + - patch + - watch + - update + - delete +- apiGroups: + - certificates.k8s.io + resources: + - certificatesigningrequests + - certificatesigningrequests/approval + - certificatesigningrequests/status + verbs: + - update + - create + - get + - delete + - list +- apiGroups: + - minio.min.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - min.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - create + - delete +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - update +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list + - watch + - update + - patch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - get + - list +- apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - create + - update + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - delete +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - update + - delete +- apiGroups: + - "" + resources: + - pod + - pods/log + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: minio-operator-role +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - update +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - update + - list + - delete +- apiGroups: + - "" + resources: + - namespaces + - nodes + verbs: + - get + - watch + - list +- apiGroups: + - "" + resources: + - pods + - services + - events + - configmaps + verbs: + - get + - watch + - create + - list + - delete + - deletecollection + - update + - patch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - watch + - create + - update + - list + - delete + - deletecollection +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + - deployments + - deployments/finalizers + verbs: + - get + - create + - list + - patch + - watch + - update + - delete +- apiGroups: + - batch + resources: + - jobs + verbs: + - get + - create + - list + - patch + - watch + - update + - delete +- apiGroups: + - certificates.k8s.io + resources: + - certificatesigningrequests + - certificatesigningrequests/approval + - certificatesigningrequests/status + verbs: + - update + - create + - get + - delete + - list +- apiGroups: + - certificates.k8s.io + resourceNames: + - kubernetes.io/legacy-unknown + - kubernetes.io/kube-apiserver-client + - kubernetes.io/kubelet-serving + - beta.eks.amazonaws.com/app-serving + resources: + - signers + verbs: + - approve + - sign +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - minio.min.io + - sts.min.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - min.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + verbs: + - '*' +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - update + - create +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - list + - patch + - update + - deletecollection +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: console-sa-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: console-sa-role +subjects: +- kind: ServiceAccount + name: console-sa + namespace: minio-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: minio-operator-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: minio-operator-role +subjects: +- kind: ServiceAccount + name: minio-operator + namespace: minio-operator +--- +apiVersion: v1 +data: + CONSOLE_PORT: "9090" + CONSOLE_TLS_PORT: "9443" +kind: ConfigMap +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: console-env + namespace: minio-operator +--- +apiVersion: v1 +kind: Secret +metadata: + annotations: + kubernetes.io/service-account.name: console-sa + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + name: console-sa-secret + namespace: minio-operator +type: kubernetes.io/service-account-token +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + app.kubernetes.io/instance: minio-operator + app.kubernetes.io/name: operator + name: console + name: console + namespace: minio-operator +spec: + ports: + - name: http + port: 9090 + - name: https + port: 9443 + selector: + app: console +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + app.kubernetes.io/instance: minio-operator + app.kubernetes.io/name: operator + name: minio-operator + name: operator + namespace: minio-operator +spec: + ports: + - name: http + port: 4221 + selector: + name: minio-operator + operator: leader + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + name: minio-operator + name: sts + namespace: minio-operator +spec: + ports: + - name: https + port: 4223 + targetPort: 4223 + selector: + name: minio-operator + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + app.kubernetes.io/instance: minio-operator + app.kubernetes.io/name: operator + name: console + namespace: minio-operator +spec: + replicas: 1 + selector: + matchLabels: + app: console + template: + metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + app: console + app.kubernetes.io/instance: minio-operator-console + app.kubernetes.io/name: operator + spec: + containers: + - args: + - ui + - --certs-dir=/tmp/certs + image: minio/operator:v5.0.11 + imagePullPolicy: IfNotPresent + name: console + ports: + - containerPort: 9090 + name: http + - containerPort: 9443 + name: https + securityContext: + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + volumeMounts: + - mountPath: /tmp/certs + name: tls-certificates + - mountPath: /tmp/certs/CAs + name: tmp + serviceAccountName: console-sa + volumes: + - name: tls-certificates + projected: + sources: + - secret: + items: + - key: public.crt + path: public.crt + - key: public.crt + path: CAs/public.crt + - key: private.key + path: private.key + - key: tls.crt + path: tls.crt + - key: tls.crt + path: CAs/tls.crt + - key: tls.key + path: tls.key + name: console-tls + optional: true + - emptyDir: {} + name: tmp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + app.kubernetes.io/instance: minio-operator + app.kubernetes.io/name: operator + name: minio-operator + namespace: minio-operator +spec: + replicas: 2 + selector: + matchLabels: + name: minio-operator + strategy: + type: Recreate + template: + metadata: + annotations: + operator.min.io/authors: MinIO, Inc. + operator.min.io/license: AGPLv3 + operator.min.io/support: https://subnet.min.io + labels: + app.kubernetes.io/instance: minio-operator + app.kubernetes.io/name: operator + name: minio-operator + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: name + operator: In + values: + - minio-operator + topologyKey: kubernetes.io/hostname + containers: + - args: + - controller + env: + - name: MINIO_CONSOLE_TLS_ENABLE + value: "off" + - name: OPERATOR_STS_ENABLED + value: "on" + image: minio/operator:v5.0.11 + imagePullPolicy: IfNotPresent + name: minio-operator + resources: + requests: + cpu: 200m + ephemeral-storage: 500Mi + memory: 256Mi + securityContext: + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: minio-operator diff --git a/data/minio-operator/storage-user.yaml b/data/minio-operator/storage-user.yaml new file mode 100644 index 0000000000..2551e72a39 --- /dev/null +++ b/data/minio-operator/storage-user.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +data: + CONSOLE_ACCESS_KEY: Y29uc29sZQ== + CONSOLE_SECRET_KEY: Y29uc29sZTEyMw== +kind: Secret +metadata: + name: storage-user + namespace: minio-operator +type: Opaque diff --git a/data/minio-operator/tenant-config.yaml b/data/minio-operator/tenant-config.yaml new file mode 100644 index 0000000000..2ce6405ace --- /dev/null +++ b/data/minio-operator/tenant-config.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: storage-configuration + namespace: minio-operator +type: Opaque +stringData: + config.env: |- + export MINIO_ROOT_USER="minio" + export MINIO_ROOT_PASSWORD="minio123" + export MINIO_BROWSER="on" From f2b149d3db9ec5c7152e081284e8109e4a87dc02 Mon Sep 17 00:00:00 2001 From: "Jiawei \"Tyler\" Gu" <47795840+tylergu@users.noreply.github.com> Date: Fri, 8 Mar 2024 16:09:40 -0600 Subject: [PATCH 24/38] Include guidelines for contributing porting config --- docs/port.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/port.md b/docs/port.md index 17faba50b6..c01bfdacfb 100644 --- a/docs/port.md +++ b/docs/port.md @@ -1068,3 +1068,19 @@ Looking at the [generation-002-runtime.json](alarm_examples/false_alarm/generati This indicates that Acto expects a corresponding system state change for the input delta of path `spec.ephemeral.emptydirvolumesource.sizeLimit`. To understand the operator’s behavior, we trace through the operator source. We can see that the property has a control-flow dependency on another property: https://github.com/pravega/zookeeper-operator/blob/9fc6151757018cd99acd7b73c24870dce24ba3d5/pkg/zk/generators.go#L48C1-L52C54. And in the CR generated by Acto, the property `spec.storageType` is set to `persistent` instead of `ephemeral`. This alarm is thus a false alarm. The operator’s behavior is correct. It did not update the system state because the storageType is not set to `ephemeral`. Acto raised this alarm because it fails to recognize the control-flow dependency among the properties `spec.ephemeral.emptydirvolumesource.sizeLimit` and `spec.storageType`. + +## Contributing the Porting Config +After you have inspected the alarms, you have successfully ported and tested an operator using Acto. Congratulations! As you may already experience, porting an operator is non-trivial effort, and sharing the porting config would allow others to directly test the operators. + +To contribute your porting config to Acto, please create a directory under Acto’s data directory named as {OWNER}\_{REPO\_NAME} (e.g., pravega\_zookeeper-operator for [https://github.com/pravega/zookeeper-operator](https://github.com/pravega/zookeeper-operator)). Inside the create directory, please upload the following assets: + +* YAML files required to deploy the operator +* Seed CR file +* The config.json file for porting the operator (please remember to change the file paths to reflect the correct relative path from acto’s root directory) +* The `context.json` file produced by Acto's learning run + +To avoid conflict with other students porting the same operator, please name the Seed CR file as {SYSTEM\_NAME}-cr.yaml and the config file as {SYSTEM\_NAME}-config.json . For example, pd-cr.yaml and pd-config.json for porting the pd system for the tidb-operator. + +There are plenty existing examples for reference in the current data directory: [https://github.com/xlab-uiuc/acto/tree/main/data](https://github.com/xlab-uiuc/acto/tree/main/data). You may notice that your operator already has a corresponding directory under the data directory (e.g. [https://github.com/xlab-uiuc/acto/tree/main/data/cass-operator](https://github.com/xlab-uiuc/acto/tree/main/data/cass-operator) for the k8ssandra/cass-operator). Please just ignore the existing porting directories and create your own. The existing ones do not follow the {OWNER}\_{REPO\_NAME} naming convention, thus would not conflict with your porting directory. + +Please open a PR to Acto’s repository with the above changes: https://github.com/xlab-uiuc/acto/pulls From 90f5a75616ab24f863f1c6974e22159164e8dc8c Mon Sep 17 00:00:00 2001 From: Gisaldjo <13576286+Gisaldjo@users.noreply.github.com> Date: Sat, 9 Mar 2024 22:53:46 -0600 Subject: [PATCH 25/38] Add config and required files for deploying ArgoCD operator (#346) * Add config and required files for deploying ArgoCD operator * Add `context.json` --- .../argocd-basic-cr.yaml | 7 + .../argocd_acto_config | 25 + .../argocd_combined_crd.yaml | 32860 ++++++++++++++++ .../cert-manager.yaml | 5840 +++ .../context.json | 12851 ++++++ 5 files changed, 51583 insertions(+) create mode 100644 data/argoproj-labs_argocd-operator/argocd-basic-cr.yaml create mode 100644 data/argoproj-labs_argocd-operator/argocd_acto_config create mode 100644 data/argoproj-labs_argocd-operator/argocd_combined_crd.yaml create mode 100644 data/argoproj-labs_argocd-operator/cert-manager.yaml create mode 100644 data/argoproj-labs_argocd-operator/context.json diff --git a/data/argoproj-labs_argocd-operator/argocd-basic-cr.yaml b/data/argoproj-labs_argocd-operator/argocd-basic-cr.yaml new file mode 100644 index 0000000000..79572acd28 --- /dev/null +++ b/data/argoproj-labs_argocd-operator/argocd-basic-cr.yaml @@ -0,0 +1,7 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: test-cluster + labels: + example: basic +spec: {} diff --git a/data/argoproj-labs_argocd-operator/argocd_acto_config b/data/argoproj-labs_argocd-operator/argocd_acto_config new file mode 100644 index 0000000000..8a720d13ce --- /dev/null +++ b/data/argoproj-labs_argocd-operator/argocd_acto_config @@ -0,0 +1,25 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/argoproj-labs_argocd-operator/cert-manager.yaml", + "namespace": null + } + }, + { + "wait": { + "duration": 10 + } + }, + { + "apply": { + "file": "data/argoproj-labs_argocd-operator/argocd_combined_crd.yaml", + "operator": true + } + } + ] + }, + "crd_name": "argocds.argoproj.io", + "seed_custom_resource": "data/argoproj-labs_argocd-operator/argocd-basic-cr.yaml" +} diff --git a/data/argoproj-labs_argocd-operator/argocd_combined_crd.yaml b/data/argoproj-labs_argocd-operator/argocd_combined_crd.yaml new file mode 100644 index 0000000000..d468771eb1 --- /dev/null +++ b/data/argoproj-labs_argocd-operator/argocd_combined_crd.yaml @@ -0,0 +1,32860 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: argocd-operator + name: argocd-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: applications.argoproj.io + app.kubernetes.io/part-of: argocd + name: applications.argoproj.io +spec: + group: argoproj.io + names: + kind: Application + listKind: ApplicationList + plural: applications + shortNames: + - app + - apps + singular: application + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.sync.status + name: Sync Status + type: string + - jsonPath: .status.health.status + name: Health Status + type: string + - jsonPath: .status.sync.revision + name: Revision + priority: 10 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Application is a definition of Application resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + operation: + description: Operation contains information about a requested or running + operation + properties: + info: + description: Info is a list of informational items for this operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started + operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries + of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default unit + is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed + for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + sync: + description: Sync contains parameters for the operation + properties: + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` + without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync + source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from the cluster + that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part + of the sync + items: + description: SyncOperationResource contains resources to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: Revision is the revision (Git) or chart version (Helm) + which to sync the application to If omitted, will use the revision + specified in app spec. + type: string + revisions: + description: Revisions is the list of revision (Git) or chart + version (Helm) which to sync each source in sources field for + the application to If omitted, will use the revision specified + in app spec. + items: + type: string + type: array + source: + description: Source overrides the source definition set in the + application. This is typically set in a Rollback operation and + is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by + not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources for + Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be + commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources overrides the source definition set in the + application. This is typically set in a Rollback operation and + is nil during a Sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform + the sync. + properties: + force: + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to + perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains + link to repository with application definition and additional parameters + link definition revision. + properties: + destination: + description: Destination is a reference to the target Kubernetes server + and namespace + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the + application's resources. The namespace will only be set for + namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields + which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter + and list of json paths which should be ignored during comparison + with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted managers. + Fields mutated by those managers will take precedence over + the desired state defined in the SCM and won't be displayed + in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information (URLs, email addresses, + and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project this application + belongs to. The empty string means that application belongs to the + 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number of items kept + in the application's revision history, which is used for informational + purposes as well as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. Setting to zero will + store no history. This will reduce storage used. Increasing will + increase the space used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location of the application's + manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being used + during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force + applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be commit, + tag, or branch. If omitted, will equal to HEAD. In case of Helm, + this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the location of the application's + manifests or chart + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being + used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to + force applying common annotations to resources for Kustomize + apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be commit, + tag, or branch. If omitted, will equal to HEAD. In case of + Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + description: SyncPolicy controls when and how a sync will be performed + properties: + automated: + description: Automated will keep an application synced to the + target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to delete resources + from the cluster that are not found in the sources anymore + as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifies whether to revert resources + back to their desired state upon modification in the cluster + (default: false)' + type: boolean + type: object + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the + given namespace (if CreateNamespace=true) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff controls how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time + allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + status: + description: ApplicationStatus contains status information for the application + properties: + conditions: + description: Conditions is a list of currently observed application + conditions + items: + description: ApplicationCondition contains details about an application + condition, which is usually an error or warning + properties: + lastTransitionTime: + description: LastTransitionTime is the time the condition was + last observed + format: date-time + type: string + message: + description: Message contains human-readable message indicating + details about condition + type: string + type: + description: Type is an application condition type + type: string + required: + - message + - type + type: object + type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string + health: + description: Health contains information about the application's current + health status + properties: + message: + description: Message is a human-readable informational message + describing the health status + type: string + status: + description: Status holds the status code of the application or + resource + type: string + type: object + history: + description: History contains information about the application's + sync history + items: + description: RevisionHistory contains history information about + a previous sync + properties: + deployStartedAt: + description: DeployStartedAt holds the time the sync operation + started + format: date-time + type: string + deployedAt: + description: DeployedAt holds the time the sync operation completed + format: date-time + type: string + id: + description: ID is an auto incrementing identifier of the RevisionHistory + format: int64 + type: integer + revision: + description: Revision holds the revision the sync was performed + against + type: string + revisions: + description: Revisions holds the revision of each source in + sources field the sync was performed against + items: + type: string + type: array + source: + description: Source is a reference to the application source + used for the sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application sources + used for the sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - deployedAt + - id + type: object + type: array + observedAt: + description: 'ObservedAt indicates when the application state was + updated without querying latest git state Deprecated: controller + no longer updates ObservedAt field' + format: date-time + type: string + operationState: + description: OperationState contains information about any ongoing + operations, such as a sync + properties: + finishedAt: + description: FinishedAt contains time of operation completion + format: date-time + type: string + message: + description: Message holds any pertinent messages when attempting + to perform operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + properties: + info: + description: Info is a list of informational items for this + operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was + initiated automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who + started operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync + fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base + duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of + time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for + retrying a failed sync. If set to 0, no retries will + be performed. + format: int64 + type: integer + type: object + sync: + description: Sync contains parameters for the operation + properties: + dryRun: + description: DryRun specifies to perform a `kubectl apply + --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides + sync source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from + the cluster that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall + be part of the sync + items: + description: SyncOperationResource contains resources + to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: Revision is the revision (Git) or chart version + (Helm) which to sync the application to If omitted, + will use the revision specified in app spec. + type: string + revisions: + description: Revisions is the list of revision (Git) or + chart version (Helm) which to sync each source in sources + field for the application to If omitted, will use the + revision specified in app spec. + items: + type: string + type: array + source: + description: Source overrides the source definition set + in the application. This is typically set in a Rollback + operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to + Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles do + not exist locally by not appending them to helm + template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over + Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of + Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in + the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources overrides the source definition set + in the application. This is typically set in a Rollback + operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required + information about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles + do not exist locally by not appending them + to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during manifest + generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource + definition installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to + be passed to helm template, typically defined + as a block. ValuesObject takes precedence + over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to + use for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of + additional annotations to add to rendered + manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the + Git repository, and is only valid for applications + sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the + variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an + array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map + type parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a + string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source + within sources field. This field will not be used + if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. In case + of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. In case of Helm, + this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, + e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the + sync + properties: + apply: + description: Apply will perform a `kubectl apply` + to perform the sync. + properties: + force: + description: Force indicates whether or not to + supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, + when PATCH encounters conflict and has retried + for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources + to perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to + supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, + when PATCH encounters conflict and has retried + for 5 times. + type: boolean + type: object + type: object + type: object + type: object + phase: + description: Phase is the current phase of the operation + type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer + startedAt: + description: StartedAt contains time of operation start + format: date-time + type: string + syncResult: + description: SyncResult is the result of a Sync operation + properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + resources: + description: Resources contains a list of sync result items + for each individual resource in a sync operation + items: + description: ResourceResult holds the operation result details + of a specific resource + properties: + group: + description: Group specifies the API group of the resource + type: string + hookPhase: + description: HookPhase contains the state of any operation + associated with this resource OR hook This can also + contain values for non-hook resources. + type: string + hookType: + description: HookType specifies the type of the hook. + Empty for non-hook resources + type: string + kind: + description: Kind specifies the API kind of the resource + type: string + message: + description: Message contains an informational or error + message for the last sync OR operation + type: string + name: + description: Name specifies the name of the resource + type: string + namespace: + description: Namespace specifies the target namespace + of the resource + type: string + status: + description: Status holds the final result of the sync. + Will be empty if the resources is yet to be applied/pruned + and is always zero-value for hooks + type: string + syncPhase: + description: SyncPhase indicates the particular phase + of the sync that this result was acquired in + type: string + version: + description: Version specifies the API version of the + resource + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + type: array + revision: + description: Revision holds the revision this sync operation + was performed to + type: string + revisions: + description: Revisions holds the revision this sync operation + was performed for respective indexed source in sources field + items: + type: string + type: array + source: + description: Source records the application source information + of the sync, used for comparing auto-sync + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Source records the application source information + of the sync, used for comparing auto-sync + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over Values, + so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - revision + type: object + required: + - operation + - phase + - startedAt + type: object + reconciledAt: + description: ReconciledAt indicates when the application state was + reconciled using the latest git version + format: date-time + type: string + resourceHealthSource: + description: 'ResourceHealthSource indicates where the resource health + status is stored: inline if not set or appTree' + type: string + resources: + description: Resources is a list of Kubernetes resources managed by + this application + items: + description: 'ResourceStatus holds the current sync and health status + of a resource TODO: describe members of this type' + properties: + group: + type: string + health: + description: HealthStatus contains information about the currently + observed health state of an application or resource + properties: + message: + description: Message is a human-readable informational message + describing the health status + type: string + status: + description: Status holds the status code of the application + or resource + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + description: SyncStatusCode is a type which represents possible + comparison results + type: string + syncWave: + format: int64 + type: integer + version: + type: string + type: object + type: array + sourceType: + description: SourceType specifies the type of this application + type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included + in the application + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + type: array + summary: + description: Summary contains a list of URLs and container images + used by this application + properties: + externalURLs: + description: ExternalURLs holds all external URLs of application + child resources. + items: + type: string + type: array + images: + description: Images holds all images of application child resources. + items: + type: string + type: array + type: object + sync: + description: Sync contains information about the application's current + sync status + properties: + comparedTo: + description: ComparedTo contains information about what has been + compared + properties: + destination: + description: Destination is a reference to the application's + destination used for comparison + properties: + name: + description: Name is an alternate way of specifying the + target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace + for the application's resources. The namespace will + only be set for namespace-scoped resources that have + not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted + managers. Fields mutated by those managers will take + precedence over the desired state defined in the SCM + and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + source: + description: Source is a reference to the application's source + used for comparison + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application's multiple + sources used for comparison + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over Values, + so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - destination + type: object + revision: + description: Revision contains information about the revision + the comparison has been performed to + type: string + revisions: + description: Revisions contains information about the revisions + of multiple sources the comparison has been performed to + items: + type: string + type: array + status: + description: Status is the sync state of the comparison + type: string + required: + - status + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: applicationsets.argoproj.io + app.kubernetes.io/part-of: argocd + name: applicationsets.argoproj.io +spec: + group: argoproj.io + names: + kind: ApplicationSet + listKind: ApplicationSetList + plural: applicationsets + shortNames: + - appset + - appsets + singular: applicationset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + applyNestedSelectors: + type: boolean + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + goTemplate: + type: boolean + goTemplateOptions: + items: + type: string + type: array + preservedFields: + properties: + annotations: + items: + type: string + type: array + type: object + strategy: + properties: + rollingSync: + properties: + steps: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + maxUpdate: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: array + type: object + type: + type: string + type: object + syncPolicy: + properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string + preserveResourcesOnDeletion: + type: boolean + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - template + type: object + status: + properties: + applicationStatus: + items: + properties: + application: + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + step: + type: string + required: + - application + - message + - status + - step + type: object + type: array + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - message + - reason + - status + - type + type: object + type: array + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: appprojects.argoproj.io + app.kubernetes.io/part-of: argocd + name: appprojects.argoproj.io +spec: + group: argoproj.io + names: + kind: AppProject + listKind: AppProjectList + plural: appprojects + shortNames: + - appproj + - appprojs + singular: appproject + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'AppProject provides a logical grouping of applications, providing + controls for: * where the apps may deploy to (cluster whitelist) * what + may be deployed (repository whitelist, resource whitelist/blacklist) * who + can access these applications (roles, OIDC group claims bindings) * and + what they can do (RBAC policies) * automation access to these roles (JWT + tokens)' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AppProjectSpec is the specification of an AppProject + properties: + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted + cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted + cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + description: + description: Description contains optional project description + type: string + destinations: + description: Destinations contains list of destinations available + for deployment + items: + description: ApplicationDestination holds information about the + application's destination + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the + application's resources. The namespace will only be set for + namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API + type: string + type: object + type: array + namespaceResourceBlacklist: + description: NamespaceResourceBlacklist contains list of blacklisted + namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted + namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project + properties: + ignore: + description: Ignore contains a list of resources that are to be + excluded from orphaned resources monitoring + items: + description: OrphanedResourceKey is a reference to a resource + to be ignored from + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array + warn: + description: Warn indicates if warning condition should be created + for apps which have orphaned resources + type: boolean + type: object + permitOnlyProjectScopedClusters: + description: PermitOnlyProjectScopedClusters determines whether destinations + can only reference clusters which are project-scoped + type: boolean + roles: + description: Roles are user defined RBAC roles associated with this + project + items: + description: ProjectRole represents a role that has access to a + project + properties: + description: + description: Description is a description of the role + type: string + groups: + description: Groups are a list of OIDC group claims bound to + this role + items: + type: string + type: array + jwtTokens: + description: JWTTokens are a list of generated JWT tokens bound + to this role + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: Policies Stores a list of casbin formatted strings + that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + signatureKeys: + description: SignatureKeys contains a list of PGP key IDs that commits + in Git must be signed with in order to be allowed for sync + items: + description: SignatureKey is the specification of a key required + to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array + sourceNamespaces: + description: SourceNamespaces defines the namespaces application resources + are allowed to be created in + items: + type: string + type: array + sourceRepos: + description: SourceRepos contains list of repository URLs which can + be used for deployment + items: + type: string + type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in + this project + items: + description: SyncWindow contains the kind, time, duration and attributes + that are used to assign the syncWindows to apps + properties: + applications: + description: Applications contains a list of applications that + the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window + will apply to + items: + type: string + type: array + duration: + description: Duration is the amount of time the sync window + will be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would + otherwise be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the + window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified + in cron format + type: string + timeZone: + description: TimeZone of the sync that will be applied to the + schedule + type: string + type: object + type: array + type: object + status: + description: AppProjectStatus contains status information for AppProject + CRs + properties: + jwtTokensByRole: + additionalProperties: + description: JWTTokens represents a list of JWT tokens + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + description: JWTTokensByRole contains a list of JWT tokens issued + for a given role + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.1 + creationTimestamp: null + name: argocdexports.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCDExport + listKind: ArgoCDExportList + plural: argocdexports + singular: argocdexport + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgoCDExport is the Schema for the argocdexports API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDExportSpec defines the desired state of ArgoCDExport + properties: + argocd: + description: Argocd is the name of the ArgoCD instance to export. + type: string + image: + description: Image is the container image to use for the export Job. + type: string + schedule: + description: Schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. + type: string + storage: + description: Storage defines the storage configuration options. + properties: + backend: + description: Backend defines the storage backend to use, must + be "local" (the default), "aws", "azure" or "gcp". + type: string + pvc: + description: PVC is the desired characteristics for a PersistentVolumeClaim. + properties: + accessModes: + description: 'accessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified data + source, it will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will be copied + to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not + be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'dataSourceRef specifies the object from which + to populate the volume with data, if a non-empty volume + is desired. This may be any object from a non-empty API + group (non core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed + if the type of the specified object matches some installed + volume populator or dynamic provisioner. This field will + replace the functionality of the dataSource field and as + such if both fields are non-empty, they must have the same + value. For backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource and + dataSourceRef) will be set to the same value automatically + if one of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, + dataSourceRef allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and generates + an error if a disallowed value is specified. * While dataSource + only allows local objects, dataSourceRef allows objects in + any namespaces. (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the namespace + field of dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource being + referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object is + required in the referent namespace to allow that namespace's + owner to accept the reference. See the ReferenceGrant + documentation for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature gate to be + enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources the + volume should have. If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher + than capacity recorded in the status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + secretName: + description: SecretName is the name of a Secret with encryption + key, credentials, etc. + type: string + type: object + version: + description: Version is the tag/digest to use for the export Job container + image. + type: string + required: + - argocd + type: object + status: + description: ArgoCDExportStatus defines the observed state of ArgoCDExport + properties: + phase: + description: 'Phase is a simple, high-level summary of where the ArgoCDExport + is in its lifecycle. There are five possible phase values: Pending: + The ArgoCDExport has been accepted by the Kubernetes system, but + one or more of the required resources have not been created. Running: + All of the containers for the ArgoCDExport are still running, or + in the process of starting or restarting. Succeeded: All containers + for the ArgoCDExport have terminated in success, and will not be + restarted. Failed: At least one container has terminated in failure, + either exited with non-zero status or was terminated by the system. + Unknown: For some reason the state of the ArgoCDExport could not + be obtained.' + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: argocd-operator-system/argocd-operator-serving-cert + controller-gen.kubebuilder.io/version: v0.6.1 + name: argocds.argoproj.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: argocd-operator-webhook-service + namespace: argocd-operator-system + path: /convert + conversionReviewVersions: + - v1alpha1 + - v1beta1 + group: argoproj.io + names: + kind: ArgoCD + listKind: ArgoCDList + plural: argocds + singular: argocd + scope: Namespaced + versions: + - deprecated: true + deprecationWarning: ArgoCD v1alpha1 version is deprecated and will be converted + to v1beta1 automatically. Moving forward, please use v1beta1 as the ArgoCD API + version. + name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgoCD is the Schema for the argocds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDSpec defines the desired state of ArgoCD + properties: + applicationInstanceLabelKey: + description: ApplicationInstanceLabelKey is the key name where Argo + CD injects the app name as a tracking label. + type: string + applicationSet: + description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet + controller should be installed. + properties: + env: + description: Env lets you specify environment for applicationSet + controller pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extraCommandArgs: + description: ExtraCommandArgs allows users to pass command line + arguments to ApplicationSet controller. They get added to default + command line arguments provided by the operator. Please note + that the command line arguments provided as part of ExtraCommandArgs + will not overwrite the default command line arguments. + items: + type: string + type: array + image: + description: Image is the Argo CD ApplicationSet image (optional) + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel + if not set. Valid options are debug,info, error, and warn. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for ApplicationSet. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Argo CD ApplicationSet image tag. + (optional) + type: string + webhookServer: + description: WebhookServerSpec defines the options for the ApplicationSet + Webhook Server component. + properties: + host: + description: Host is the hostname to use for Ingress/Route + resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Application set webhook component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + apply to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress + only supports a single TLS port, 443. If multiple members + of this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified + through the SNI TLS extension, if the ingress controller + fulfilling the ingress supports SNI. + items: + description: IngressTLS describes the transport layer + security associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in + the TLS certificate. The values in this list must + match the name/s used in the tlsSecret. Defaults + to the wildcard host setting for the loadbalancer + controller fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret + used to terminate TLS traffic on port 443. Field + is left optional to allow TLS routing based on + SNI hostname alone. If the SNI host in a listener + conflicts with the "Host" header field used by + an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Application set webhook component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + use for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the + Route resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the + contents of the ca certificate of the final destination. When + using reencrypt termination this file should be + provided in order to have routers use it for health + checks on the secure connection. If this field is + not specified, the router may provide its own destination + CA and perform hostname validation using the short + service name (service.namespace.svc), which allows + infrastructure generated certificates to automatically + verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to + a route. While each router may make its own decisions + on which ports to expose, this is normally port + 80. \n * Allow - traffic is sent to the server on + the insecure port (default) * Disable - no traffic + is allowed on the insecure port. * Redirect - clients + are redirected to the secure port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + type: object + type: object + banner: + description: Banner defines an additional banner to be displayed in + Argo CD UI + properties: + content: + description: Content defines the banner message content to display + type: string + url: + description: URL defines an optional URL to be used as banner + message link + type: string + required: + - content + type: object + configManagementPlugins: + description: ConfigManagementPlugins is used to specify additional + config management plugins. + type: string + controller: + description: Controller defines the Application Controller options + for ArgoCD. + properties: + appSync: + description: "AppSync is used to control the sync frequency, by + default the ArgoCD controller polls Git every 3m. \n Set this + to a duration, e.g. 10m or 600s to control the synchronisation + frequency." + type: string + env: + description: Env lets you specify environment for application + controller pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + logFormat: + description: LogFormat refers to the log format used by the Application + Controller component. Defaults to ArgoCDDefaultLogFormat if + not configured. Valid options are text or json. + type: string + logLevel: + description: LogLevel refers to the log level used by the Application + Controller component. Defaults to ArgoCDDefaultLogLevel if not + configured. Valid options are debug, info, error, and warn. + type: string + parallelismLimit: + description: ParallelismLimit defines the limit for parallel kubectl + operations + format: int32 + type: integer + processors: + description: Processors contains the options for the Application + Controller processors. + properties: + operation: + description: Operation is the number of application operation + processors. + format: int32 + type: integer + status: + description: Status is the number of application status processors. + format: int32 + type: integer + type: object + resources: + description: Resources defines the Compute Resources required + by the container for the Application Controller. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + sharding: + description: Sharding contains the options for the Application + Controller sharding configuration. + properties: + clustersPerShard: + description: ClustersPerShard defines the maximum number of + clusters managed by each argocd shard + format: int32 + minimum: 1 + type: integer + dynamicScalingEnabled: + description: DynamicScalingEnabled defines whether dynamic + scaling should be enabled for Application Controller component + type: boolean + enabled: + description: Enabled defines whether sharding should be enabled + on the Application Controller component. + type: boolean + maxShards: + description: MaxShards defines the maximum number of shards + at any given point + format: int32 + type: integer + minShards: + description: MinShards defines the minimum number of shards + at any given point + format: int32 + minimum: 1 + type: integer + replicas: + description: Replicas defines the number of replicas to run + in the Application controller shard. + format: int32 + type: integer + type: object + type: object + dex: + description: Deprecated field. Support dropped in v1beta1 version. + Dex defines the Dex server options for ArgoCD. + properties: + config: + description: Config is the dex connector configuration. + type: string + groups: + description: Optional list of required groups a user must be a + member of + items: + type: string + type: array + image: + description: Image is the Dex container image. + type: string + openShiftOAuth: + description: OpenShiftOAuth enables OpenShift OAuth authentication + for the Dex server. + type: boolean + resources: + description: Resources defines the Compute Resources required + by the container for Dex. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Dex container image tag. + type: string + type: object + disableAdmin: + description: DisableAdmin will disable the admin user. + type: boolean + extraConfig: + additionalProperties: + type: string + description: "ExtraConfig can be used to add fields to Argo CD configmap + that are not supported by Argo CD CRD. \n Note: ExtraConfig takes + precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` + = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. + In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] + = true." + type: object + gaAnonymizeUsers: + description: GAAnonymizeUsers toggles user IDs being hashed before + sending to google analytics. + type: boolean + gaTrackingID: + description: GATrackingID is the google analytics tracking ID to use. + type: string + grafana: + description: Grafana defines the Grafana server options for ArgoCD. + properties: + enabled: + description: Enabled will toggle Grafana support globally for + ArgoCD. + type: boolean + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + image: + description: Image is the Grafana container image. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Grafana component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + resources: + description: Resources defines the Compute Resources required + by the container for Grafana. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Grafana component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + size: + description: Size is the replica count for the Grafana Deployment. + format: int32 + type: integer + version: + description: Version is the Grafana container image tag. + type: string + required: + - enabled + type: object + ha: + description: HA options for High Availability support for the Redis + component. + properties: + enabled: + description: Enabled will toggle HA support globally for Argo + CD. + type: boolean + redisProxyImage: + description: RedisProxyImage is the Redis HAProxy container image. + type: string + redisProxyVersion: + description: RedisProxyVersion is the Redis HAProxy container + image tag. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for HA. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - enabled + type: object + helpChatText: + description: HelpChatText is the text for getting chat help, defaults + to "Chat now!" + type: string + helpChatURL: + description: HelpChatURL is the URL for getting chat help, this will + typically be your Slack channel for support. + type: string + image: + description: Image is the ArgoCD container image for all ArgoCD components. + type: string + import: + description: Import is the import/restore options for ArgoCD. + properties: + name: + description: Name of an ArgoCDExport from which to import data. + type: string + namespace: + description: Namespace for the ArgoCDExport, defaults to the same + namespace as the ArgoCD. + type: string + required: + - name + type: object + initialRepositories: + description: InitialRepositories to configure Argo CD with upon creation + of the cluster. + type: string + initialSSHKnownHosts: + description: InitialSSHKnownHosts defines the SSH known hosts data + upon creation of the cluster for connecting Git repositories via + SSH. + properties: + excludedefaulthosts: + description: ExcludeDefaultHosts describes whether you would like + to include the default list of SSH Known Hosts provided by ArgoCD. + type: boolean + keys: + description: Keys describes a custom set of SSH Known Hosts that + you would like to have included in your ArgoCD server. + type: string + type: object + kustomizeBuildOptions: + description: KustomizeBuildOptions is used to specify build options/parameters + to use with `kustomize build`. + type: string + kustomizeVersions: + description: KustomizeVersions is a listing of configured versions + of Kustomize to be made available within ArgoCD. + items: + description: KustomizeVersionSpec is used to specify information + about a kustomize version to be used within ArgoCD. + properties: + path: + description: Path is the path to a configured kustomize version + on the filesystem of your repo server. + type: string + version: + description: Version is a configured kustomize version in the + format of vX.Y.Z + type: string + type: object + type: array + monitoring: + description: Monitoring defines whether workload status monitoring + configuration for this instance. + properties: + enabled: + description: Enabled defines whether workload status monitoring + is enabled for this instance or not + type: boolean + required: + - enabled + type: object + nodePlacement: + description: NodePlacement defines NodeSelectors and Taints for Argo + CD workloads + properties: + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is a field of PodSpec, it is a map of + key value pairs used for node selection + type: object + tolerations: + description: Tolerations allow the pods to schedule onto nodes + with matching taints + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + notifications: + description: Notifications defines whether the Argo CD Notifications + controller should be installed. + properties: + enabled: + description: Enabled defines whether argocd-notifications controller + should be deployed or not + type: boolean + env: + description: Env let you specify environment variables for Notifications + pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: Image is the Argo CD Notifications image (optional) + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel + if not set. Valid options are debug,info, error, and warn. + type: string + replicas: + description: Replicas defines the number of replicas to run for + notifications-controller + format: int32 + type: integer + resources: + description: Resources defines the Compute Resources required + by the container for Argo CD Notifications. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Argo CD Notifications image tag. (optional) + type: string + required: + - enabled + type: object + oidcConfig: + description: OIDCConfig is the OIDC configuration as an alternative + to dex. + type: string + prometheus: + description: Prometheus defines the Prometheus server options for + ArgoCD. + properties: + enabled: + description: Enabled will toggle Prometheus support globally for + ArgoCD. + type: boolean + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Prometheus component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Prometheus component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + size: + description: Size is the replica count for the Prometheus StatefulSet. + format: int32 + type: integer + required: + - enabled + type: object + rbac: + description: RBAC defines the RBAC configuration for Argo CD. + properties: + defaultPolicy: + description: DefaultPolicy is the name of the default role which + Argo CD will falls back to, when authorizing API requests (optional). + If omitted or empty, users may be still be able to login, but + will see no apps, projects, etc... + type: string + policy: + description: 'Policy is CSV containing user-defined RBAC policies + and role definitions. Policy rules are in the form: p, subject, + resource, action, object, effect Role definitions and bindings + are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + for additional information.' + type: string + policyMatcherMode: + description: PolicyMatcherMode configures the matchers function + mode for casbin. There are two options for this, 'glob' for + glob matcher or 'regex' for regex matcher. + type: string + scopes: + description: 'Scopes controls which OIDC scopes to examine during + rbac enforcement (in addition to `sub` scope). If omitted, defaults + to: ''[groups]''.' + type: string + type: object + redis: + description: Redis defines the Redis server options for ArgoCD. + properties: + autotls: + description: 'AutoTLS specifies the method to use for automatic + TLS configuration for the redis server The value specified here + can currently be: - openshift - Use the OpenShift service CA + to request TLS config' + type: string + disableTLSVerification: + description: DisableTLSVerification defines whether redis server + API should be accessed using strict TLS validation + type: boolean + image: + description: Image is the Redis container image. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for Redis. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Redis container image tag. + type: string + type: object + repo: + description: Repo defines the repo server options for Argo CD. + properties: + autotls: + description: 'AutoTLS specifies the method to use for automatic + TLS configuration for the repo server The value specified here + can currently be: - openshift - Use the OpenShift service CA + to request TLS config' + type: string + env: + description: Env lets you specify environment for repo server + pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + execTimeout: + description: ExecTimeout specifies the timeout in seconds for + tool execution + type: integer + extraRepoCommandArgs: + description: Extra Command arguments allows users to pass command + line arguments to repo server workload. They get added to default + command line arguments provided by the operator. Please note + that the command line arguments provided as part of ExtraRepoCommandArgs + will not overwrite the default command line arguments. + items: + type: string + type: array + image: + description: Image is the ArgoCD Repo Server container image. + type: string + initContainers: + description: InitContainers defines the list of initialization + containers for the repo server deployment + items: + description: A single application container that you want to + run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the + container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod''s termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod''s termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on the + default "0.0.0.0" address inside a container will be accessible + from the network. Modifying this array with strategic + merge patch may corrupt the data. For more information + See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in + a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port + to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this resource + resize policy applies. Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior + of individual containers in a pod. This field may only + be set for init containers, and the only allowed value + is "Always". For non-init containers or when this field + is not specified, the restart behavior is defined by the + Pod''s restart policy and the container type. Setting + the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be + continually restarted on exit until all regular containers + have terminated. Once all regular containers have completed, + all init containers with restartPolicy "Always" will be + shut down. This lifecycle differs from normal init containers + and is often referred to as a "sidecar" container. Although + this init container still starts in the init container + sequence, it does not wait for the container to complete + before proceeding to the next init container. Instead, + the next init container starts immediately after this + init container is started, or after any startupProbe has + successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be + set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a + mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod''s lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written is + mounted into the container''s filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a raw + block device within a container. + properties: + devicePath: + description: devicePath is the path inside of the + container that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + logFormat: + description: LogFormat describes the log format that should be + used by the Repo Server. Defaults to ArgoCDDefaultLogFormat + if not configured. Valid options are text or json. + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not + set. Valid options are debug, info, error, and warn. + type: string + mountsatoken: + description: MountSAToken describes whether you would like to + have the Repo server mount the service account token + type: boolean + replicas: + description: Replicas defines the number of replicas for argocd-repo-server. + Value should be greater than or equal to 0. Default is nil. + format: int32 + type: integer + resources: + description: Resources defines the Compute Resources required + by the container for Redis. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceaccount: + description: ServiceAccount defines the ServiceAccount user that + you would like the Repo server to use + type: string + sidecarContainers: + description: SidecarContainers defines the list of sidecar containers + for the repo server deployment + items: + description: A single application container that you want to + run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the + container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod''s termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod''s termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on the + default "0.0.0.0" address inside a container will be accessible + from the network. Modifying this array with strategic + merge patch may corrupt the data. For more information + See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in + a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port + to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this resource + resize policy applies. Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior + of individual containers in a pod. This field may only + be set for init containers, and the only allowed value + is "Always". For non-init containers or when this field + is not specified, the restart behavior is defined by the + Pod''s restart policy and the container type. Setting + the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be + continually restarted on exit until all regular containers + have terminated. Once all regular containers have completed, + all init containers with restartPolicy "Always" will be + shut down. This lifecycle differs from normal init containers + and is often referred to as a "sidecar" container. Although + this init container still starts in the init container + sequence, it does not wait for the container to complete + before proceeding to the next init container. Instead, + the next init container starts immediately after this + init container is started, or after any startupProbe has + successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be + set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a + mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod''s lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written is + mounted into the container''s filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a raw + block device within a container. + properties: + devicePath: + description: devicePath is the path inside of the + container that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + verifytls: + description: VerifyTLS defines whether repo server API should + be accessed using strict TLS validation + type: boolean + version: + description: Version is the ArgoCD Repo Server container image + tag. + type: string + volumeMounts: + description: VolumeMounts adds volumeMounts to the repo server + container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes adds volumes to the repo server deployment + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in + the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the + blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure managed + data disk (only in managed availability set). defaults + to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host + that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is + the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + user: + description: 'user is optional: User is the rados user + name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + volumeID: + description: 'volumeID used to identify the volume in + cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If a + key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver that + handles this volume. Consult with your admin for the + correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the + associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to + the secret object containing sensitive information + to pass to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the + secret object contains more than one secret, all secret + references are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. Consult + your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the + pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to set + permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must not + be absolute or contain the ''..'' path. Must + be utf-8 encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default is + "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The size + limit is also applicable for memory medium. The maximum + usage on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and the + sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is + tied to the pod that defines it - it will be created before + the pod starts, and deleted when the pod is removed. \n + Use this if: a) the volume is only needed while the pod + runs, b) features of normal volumes like restoring from + snapshot or capacity tracking are needed, c) the storage + driver is specified through a storage class, and d) the + storage driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this + volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n + Use CSI for light-weight local ephemeral volumes if the + CSI driver is meant to be used that way - see the documentation + of the driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes at the + same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC + to provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the + PVC will be deleted together with the pod. The name + of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject the pod if + the concatenated name is not valid for a PVC (for + example, too long). \n An existing PVC with that name + that is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated + PVC is removed. If such a pre-created PVC is meant + to be used by the pod, the PVC has to updated with + an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may + be useful when manually reconstructing a broken cluster. + \n This field is read-only and no changes will be + made by Kubernetes to the PVC after it has been created. + \n Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be rejected + during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the + PVC that gets created from this template. The + same fields as in a PersistentVolumeClaim are + also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, it + will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents + will be copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource when + dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may + be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding + will only succeed if the type of the specified + object matches some installed volume populator + or dynamic provisioner. This field will replace + the functionality of the dataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the same + value automatically if one of them is empty + and the other is non-empty. When namespace + is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. + There are three important differences between + dataSource and dataSourceRef: * While dataSource + only allows two specific types of objects, + dataSourceRef allows any non-core object, + as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. * While dataSource only + allows local objects, dataSourceRef allows + objects in any namespaces. (Beta) Using + this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than + previous value but must still be higher than + capacity recorded in the status field of the + claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. \n This + is an alpha field and requires enabling + the DynamicResourceAllocation feature + gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of + volume is required by the claim. Value of + Filesystem is implied when not included in + claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that + is attached to a kubelet's host machine and then exposed + to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use + for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if + no secret object is specified. If the secret object + contains more than one secret, all secrets are passed + to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an + InitContainer that clones the repo using git, then mount + the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, + the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on + the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or + directory on the host machine that is directly exposed + to the container. This is generally used for system agents + or other privileged things that are allowed to see the + host machine. Most containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host + directory mounts and who can/can not mount host directories + as read/write.' + properties: + path: + description: 'path of the directory on the host. If + the path is a symlink, it will follow the link to + the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that + is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that + uses an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports 860 + and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + targetPortal: + description: targetPortal is iSCSI Target Portal. The + Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and + 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that + shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of + the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to + mount Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this + setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along + with other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + downwardAPI: + description: downwardAPI information about the + downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 + encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The kubelet + will start trying to rotate the token if + the token is older than 80 percent of its + time to live or if the token is older than + 24 hours.Defaults to 1 hour and must be + at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to + the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is + no group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults + to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string as + host:port pair (multiple entries are separated with + commas) which acts as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to + serivceaccount user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is + rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + user: + description: 'user is the rados user name. Default is + admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for + ScaleIO user and other sensitive information. If this + is not provided, Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair + in the Data field of the referenced Secret will be + projected into the volume as a file whose name is + the key and content is the value. If specified, the + listed keys will be projected into the specified paths, + and unlisted keys will not be present. If a key is + specified which is not present in the Secret, the + volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in + the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for + obtaining the StorageOS API credentials. If not specified, + default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + volumeName: + description: volumeName is the human-readable name of + the StorageOS volume. Volume names are only unique + within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of + the volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows + the Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. Set + to "default" if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist within + StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + repositoryCredentials: + description: RepositoryCredentials are the Git pull credentials to + configure Argo CD with upon creation of the cluster. + type: string + resourceActions: + description: ResourceActions customizes resource action behavior. + items: + description: Resource Customization for custom action + properties: + action: + type: string + group: + type: string + kind: + type: string + type: object + type: array + resourceCustomizations: + description: 'Deprecated field. Support dropped in v1beta1 version. + ResourceCustomizations customizes resource behavior. Keys are in + the form: group/Kind. Please note that this is being deprecated + in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and + ResourceActions.' + type: string + resourceExclusions: + description: ResourceExclusions is used to completely ignore entire + classes of resource group/kinds. + type: string + resourceHealthChecks: + description: ResourceHealthChecks customizes resource health check + behavior. + items: + description: Resource Customization for custom health check + properties: + check: + type: string + group: + type: string + kind: + type: string + type: object + type: array + resourceIgnoreDifferences: + description: ResourceIgnoreDifferences customizes resource ignore + difference behavior. + properties: + all: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + managedFieldsManagers: + items: + type: string + type: array + type: object + resourceIdentifiers: + items: + description: Resource Customization fields for ignore difference + properties: + customization: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + managedFieldsManagers: + items: + type: string + type: array + type: object + group: + type: string + kind: + type: string + type: object + type: array + type: object + resourceInclusions: + description: ResourceInclusions is used to only include specific group/kinds + in the reconciliation process. + type: string + resourceTrackingMethod: + description: ResourceTrackingMethod defines how Argo CD should track + resources that it manages + type: string + server: + description: Server defines the options for the ArgoCD Server component. + properties: + autoscale: + description: Autoscale defines the autoscale options for the Argo + CD Server component. + properties: + enabled: + description: Enabled will toggle autoscaling support for the + Argo CD Server component. + type: boolean + hpa: + description: HPA defines the HorizontalPodAutoscaler options + for the Argo CD Server component. + properties: + maxReplicas: + description: maxReplicas is the upper limit for the number + of pods that can be set by the autoscaler; cannot be + smaller than MinReplicas. + format: int32 + type: integer + minReplicas: + description: minReplicas is the lower limit for the number + of replicas to which the autoscaler can scale down. It + defaults to 1 pod. minReplicas is allowed to be 0 if + the alpha feature gate HPAScaleToZero is enabled and + at least one Object or External metric is configured. Scaling + is active as long as at least one metric value is available. + format: int32 + type: integer + scaleTargetRef: + description: reference to scaled resource; horizontal + pod autoscaler will learn the current resource consumption + and will set the desired number of pods by using its + Scale subresource. + properties: + apiVersion: + description: apiVersion is the API version of the + referent + type: string + kind: + description: 'kind is the kind of the referent; More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'name is the name of the referent; More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + required: + - kind + - name + type: object + targetCPUUtilizationPercentage: + description: targetCPUUtilizationPercentage is the target + average CPU utilization (represented as a percentage + of requested CPU) over all the pods; if not specified + the default autoscaling policy will be used. + format: int32 + type: integer + required: + - maxReplicas + - scaleTargetRef + type: object + required: + - enabled + type: object + env: + description: Env lets you specify environment for API server pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extraCommandArgs: + description: Extra Command arguments that would append to the + Argo CD server command. ExtraCommandArgs will not be added, + if one of these commands is already part of the server command + with same or different value. + items: + type: string + type: array + grpc: + description: GRPC defines the state for the Argo CD Server GRPC + options. + properties: + host: + description: Host is the hostname to use for Ingress/Route + resources. + type: string + ingress: + description: Ingress defines the desired state for the Argo + CD Server GRPC Ingress. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + apply to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress + only supports a single TLS port, 443. If multiple members + of this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified + through the SNI TLS extension, if the ingress controller + fulfilling the ingress supports SNI. + items: + description: IngressTLS describes the transport layer + security associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in + the TLS certificate. The values in this list must + match the name/s used in the tlsSecret. Defaults + to the wildcard host setting for the loadbalancer + controller fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret + used to terminate TLS traffic on port 443. Field + is left optional to allow TLS routing based on + SNI hostname alone. If the SNI host in a listener + conflicts with the "Host" header field used by + an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + type: object + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Argo CD Server component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + insecure: + description: Insecure toggles the insecure flag. + type: boolean + logFormat: + description: LogFormat refers to the log level to be used by the + ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat + if not configured. Valid options are text or json. + type: string + logLevel: + description: LogLevel refers to the log level to be used by the + ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if + not set. Valid options are debug, info, error, and warn. + type: string + replicas: + description: Replicas defines the number of replicas for argocd-server. + Default is nil. Value should be greater than or equal to 0. + Value will be ignored if Autoscaler is enabled. + format: int32 + type: integer + resources: + description: Resources defines the Compute Resources required + by the container for the Argo CD server component. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Argo CD Server component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + service: + description: Service defines the options for the Service backing + the ArgoCD Server component. + properties: + type: + description: Type is the ServiceType to use for the Service + resource. + type: string + required: + - type + type: object + type: object + sourceNamespaces: + description: SourceNamespaces defines the namespaces application resources + are allowed to be created in + items: + type: string + type: array + sso: + description: SSO defines the Single Sign-on configuration for Argo + CD + properties: + dex: + description: Dex contains the configuration for Argo CD dex authentication + properties: + config: + description: Config is the dex connector configuration. + type: string + groups: + description: Optional list of required groups a user must + be a member of + items: + type: string + type: array + image: + description: Image is the Dex container image. + type: string + openShiftOAuth: + description: OpenShiftOAuth enables OpenShift OAuth authentication + for the Dex server. + type: boolean + resources: + description: Resources defines the Compute Resources required + by the container for Dex. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Dex container image tag. + type: string + type: object + image: + description: Deprecated field. Support dropped in v1beta1 version. + Image is the SSO container image. + type: string + keycloak: + description: Keycloak contains the configuration for Argo CD keycloak + authentication + properties: + image: + description: Image is the Keycloak container image. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for Keycloak. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rootCA: + description: Custom root CA certificate for communicating + with the Keycloak OIDC provider + type: string + verifyTLS: + description: VerifyTLS set to false disables strict TLS validation. + type: boolean + version: + description: Version is the Keycloak container image tag. + type: string + type: object + provider: + description: Provider installs and configures the given SSO Provider + with Argo CD. + type: string + resources: + description: Deprecated field. Support dropped in v1beta1 version. + Resources defines the Compute Resources required by the container + for SSO. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + verifyTLS: + description: Deprecated field. Support dropped in v1beta1 version. + VerifyTLS set to false disables strict TLS validation. + type: boolean + version: + description: Deprecated field. Support dropped in v1beta1 version. + Version is the SSO container image tag. + type: string + type: object + statusBadgeEnabled: + description: StatusBadgeEnabled toggles application status badge feature. + type: boolean + tls: + description: TLS defines the TLS options for ArgoCD. + properties: + ca: + description: CA defines the CA options. + properties: + configMapName: + description: ConfigMapName is the name of the ConfigMap containing + the CA Certificate. + type: string + secretName: + description: SecretName is the name of the Secret containing + the CA Certificate and Key. + type: string + type: object + initialCerts: + additionalProperties: + type: string + description: InitialCerts defines custom TLS certificates upon + creation of the cluster for connecting Git repositories via + HTTPS. + type: object + type: object + usersAnonymousEnabled: + description: UsersAnonymousEnabled toggles anonymous user access. + The anonymous users get default role permissions specified argocd-rbac-cm. + type: boolean + version: + description: Version is the tag to use with the ArgoCD container image + for all ArgoCD components. + type: string + type: object + status: + description: ArgoCDStatus defines the observed state of ArgoCD + properties: + applicationController: + description: 'ApplicationController is a simple, high-level summary + of where the Argo CD application controller component is in its + lifecycle. There are four possible ApplicationController values: + Pending: The Argo CD application controller component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD application controller component are in a Ready state. Failed: + At least one of the Argo CD application controller component Pods + had a failure. Unknown: The state of the Argo CD application controller + component could not be obtained.' + type: string + applicationSetController: + description: 'ApplicationSetController is a simple, high-level summary + of where the Argo CD applicationSet controller component is in its + lifecycle. There are four possible ApplicationSetController values: + Pending: The Argo CD applicationSet controller component has been + accepted by the Kubernetes system, but one or more of the required + resources have not been created. Running: All of the required Pods + for the Argo CD applicationSet controller component are in a Ready + state. Failed: At least one of the Argo CD applicationSet controller + component Pods had a failure. Unknown: The state of the Argo CD + applicationSet controller component could not be obtained.' + type: string + host: + description: Host is the hostname of the Ingress. + type: string + notificationsController: + description: 'NotificationsController is a simple, high-level summary + of where the Argo CD notifications controller component is in its + lifecycle. There are four possible NotificationsController values: + Pending: The Argo CD notifications controller component has been + accepted by the Kubernetes system, but one or more of the required + resources have not been created. Running: All of the required Pods + for the Argo CD notifications controller component are in a Ready + state. Failed: At least one of the Argo CD notifications controller + component Pods had a failure. Unknown: The state of the Argo CD + notifications controller component could not be obtained.' + type: string + phase: + description: 'Phase is a simple, high-level summary of where the ArgoCD + is in its lifecycle. There are four possible phase values: Pending: + The ArgoCD has been accepted by the Kubernetes system, but one or + more of the required resources have not been created. Available: + All of the resources for the ArgoCD are ready. Failed: At least + one resource has experienced a failure. Unknown: The state of the + ArgoCD phase could not be obtained.' + type: string + redis: + description: 'Redis is a simple, high-level summary of where the Argo + CD Redis component is in its lifecycle. There are four possible + redis values: Pending: The Argo CD Redis component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Redis component are in a Ready state. Failed: At least one + of the Argo CD Redis component Pods had a failure. Unknown: The + state of the Argo CD Redis component could not be obtained.' + type: string + redisTLSChecksum: + description: RedisTLSChecksum contains the SHA256 checksum of the + latest known state of tls.crt and tls.key in the argocd-operator-redis-tls + secret. + type: string + repo: + description: 'Repo is a simple, high-level summary of where the Argo + CD Repo component is in its lifecycle. There are four possible repo + values: Pending: The Argo CD Repo component has been accepted by + the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Repo component are in a Ready state. Failed: At least one + of the Argo CD Repo component Pods had a failure. Unknown: The + state of the Argo CD Repo component could not be obtained.' + type: string + repoTLSChecksum: + description: RepoTLSChecksum contains the SHA256 checksum of the latest + known state of tls.crt and tls.key in the argocd-repo-server-tls + secret. + type: string + server: + description: 'Server is a simple, high-level summary of where the + Argo CD server component is in its lifecycle. There are four possible + server values: Pending: The Argo CD server component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD server component are in a Ready state. Failed: At least + one of the Argo CD server component Pods had a failure. Unknown: + The state of the Argo CD server component could not be obtained.' + type: string + sso: + description: 'SSO is a simple, high-level summary of where the Argo + CD SSO(Dex/Keycloak) component is in its lifecycle. There are four + possible sso values: Pending: The Argo CD SSO component has been + accepted by the Kubernetes system, but one or more of the required + resources have not been created. Running: All of the required Pods + for the Argo CD SSO component are in a Ready state. Failed: At least + one of the Argo CD SSO component Pods had a failure. Unknown: The + state of the Argo CD SSO component could not be obtained.' + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - name: v1beta1 + schema: + openAPIV3Schema: + description: ArgoCD is the Schema for the argocds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDSpec defines the desired state of ArgoCD + properties: + applicationInstanceLabelKey: + description: ApplicationInstanceLabelKey is the key name where Argo + CD injects the app name as a tracking label. + type: string + applicationSet: + description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet + controller should be installed. + properties: + env: + description: Env lets you specify environment for applicationSet + controller pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extraCommandArgs: + description: ExtraCommandArgs allows users to pass command line + arguments to ApplicationSet controller. They get added to default + command line arguments provided by the operator. Please note + that the command line arguments provided as part of ExtraCommandArgs + will not overwrite the default command line arguments. + items: + type: string + type: array + image: + description: Image is the Argo CD ApplicationSet image (optional) + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel + if not set. Valid options are debug,info, error, and warn. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for ApplicationSet. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + scmRootCAConfigMap: + description: SCMRootCAConfigMap is the name of the config map + that stores the Gitlab SCM Provider's TLS certificate which + will be mounted on the ApplicationSet Controller (optional). + type: string + version: + description: Version is the Argo CD ApplicationSet image tag. + (optional) + type: string + webhookServer: + description: WebhookServerSpec defines the options for the ApplicationSet + Webhook Server component. + properties: + host: + description: Host is the hostname to use for Ingress/Route + resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Application set webhook component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + apply to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress + only supports a single TLS port, 443. If multiple members + of this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified + through the SNI TLS extension, if the ingress controller + fulfilling the ingress supports SNI. + items: + description: IngressTLS describes the transport layer + security associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in + the TLS certificate. The values in this list must + match the name/s used in the tlsSecret. Defaults + to the wildcard host setting for the loadbalancer + controller fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret + used to terminate TLS traffic on port 443. Field + is left optional to allow TLS routing based on + SNI hostname alone. If the SNI host in a listener + conflicts with the "Host" header field used by + an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Application set webhook component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + use for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the + Route resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the + contents of the ca certificate of the final destination. When + using reencrypt termination this file should be + provided in order to have routers use it for health + checks on the secure connection. If this field is + not specified, the router may provide its own destination + CA and perform hostname validation using the short + service name (service.namespace.svc), which allows + infrastructure generated certificates to automatically + verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to + a route. While each router may make its own decisions + on which ports to expose, this is normally port + 80. \n * Allow - traffic is sent to the server on + the insecure port (default) * Disable - no traffic + is allowed on the insecure port. * Redirect - clients + are redirected to the secure port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + type: object + type: object + banner: + description: Banner defines an additional banner to be displayed in + Argo CD UI + properties: + content: + description: Content defines the banner message content to display + type: string + url: + description: URL defines an optional URL to be used as banner + message link + type: string + required: + - content + type: object + configManagementPlugins: + description: ConfigManagementPlugins is used to specify additional + config management plugins. + type: string + controller: + description: Controller defines the Application Controller options + for ArgoCD. + properties: + appSync: + description: "AppSync is used to control the sync frequency, by + default the ArgoCD controller polls Git every 3m. \n Set this + to a duration, e.g. 10m or 600s to control the synchronisation + frequency." + type: string + env: + description: Env lets you specify environment for application + controller pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + logFormat: + description: LogFormat refers to the log format used by the Application + Controller component. Defaults to ArgoCDDefaultLogFormat if + not configured. Valid options are text or json. + type: string + logLevel: + description: LogLevel refers to the log level used by the Application + Controller component. Defaults to ArgoCDDefaultLogLevel if not + configured. Valid options are debug, info, error, and warn. + type: string + parallelismLimit: + description: ParallelismLimit defines the limit for parallel kubectl + operations + format: int32 + type: integer + processors: + description: Processors contains the options for the Application + Controller processors. + properties: + operation: + description: Operation is the number of application operation + processors. + format: int32 + type: integer + status: + description: Status is the number of application status processors. + format: int32 + type: integer + type: object + resources: + description: Resources defines the Compute Resources required + by the container for the Application Controller. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + sharding: + description: Sharding contains the options for the Application + Controller sharding configuration. + properties: + clustersPerShard: + description: ClustersPerShard defines the maximum number of + clusters managed by each argocd shard + format: int32 + minimum: 1 + type: integer + dynamicScalingEnabled: + description: DynamicScalingEnabled defines whether dynamic + scaling should be enabled for Application Controller component + type: boolean + enabled: + description: Enabled defines whether sharding should be enabled + on the Application Controller component. + type: boolean + maxShards: + description: MaxShards defines the maximum number of shards + at any given point + format: int32 + type: integer + minShards: + description: MinShards defines the minimum number of shards + at any given point + format: int32 + minimum: 1 + type: integer + replicas: + description: Replicas defines the number of replicas to run + in the Application controller shard. + format: int32 + type: integer + type: object + type: object + disableAdmin: + description: DisableAdmin will disable the admin user. + type: boolean + extraConfig: + additionalProperties: + type: string + description: "ExtraConfig can be used to add fields to Argo CD configmap + that are not supported by Argo CD CRD. \n Note: ExtraConfig takes + precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` + = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. + In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] + = true." + type: object + gaAnonymizeUsers: + description: GAAnonymizeUsers toggles user IDs being hashed before + sending to google analytics. + type: boolean + gaTrackingID: + description: GATrackingID is the google analytics tracking ID to use. + type: string + grafana: + description: Grafana defines the Grafana server options for ArgoCD. + properties: + enabled: + description: Enabled will toggle Grafana support globally for + ArgoCD. + type: boolean + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + image: + description: Image is the Grafana container image. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Grafana component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + resources: + description: Resources defines the Compute Resources required + by the container for Grafana. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Grafana component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + size: + description: Size is the replica count for the Grafana Deployment. + format: int32 + type: integer + version: + description: Version is the Grafana container image tag. + type: string + required: + - enabled + type: object + ha: + description: HA options for High Availability support for the Redis + component. + properties: + enabled: + description: Enabled will toggle HA support globally for Argo + CD. + type: boolean + redisProxyImage: + description: RedisProxyImage is the Redis HAProxy container image. + type: string + redisProxyVersion: + description: RedisProxyVersion is the Redis HAProxy container + image tag. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for HA. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - enabled + type: object + helpChatText: + description: HelpChatText is the text for getting chat help, defaults + to "Chat now!" + type: string + helpChatURL: + description: HelpChatURL is the URL for getting chat help, this will + typically be your Slack channel for support. + type: string + image: + description: Image is the ArgoCD container image for all ArgoCD components. + type: string + import: + description: Import is the import/restore options for ArgoCD. + properties: + name: + description: Name of an ArgoCDExport from which to import data. + type: string + namespace: + description: Namespace for the ArgoCDExport, defaults to the same + namespace as the ArgoCD. + type: string + required: + - name + type: object + initialRepositories: + description: InitialRepositories to configure Argo CD with upon creation + of the cluster. + type: string + initialSSHKnownHosts: + description: InitialSSHKnownHosts defines the SSH known hosts data + upon creation of the cluster for connecting Git repositories via + SSH. + properties: + excludedefaulthosts: + description: ExcludeDefaultHosts describes whether you would like + to include the default list of SSH Known Hosts provided by ArgoCD. + type: boolean + keys: + description: Keys describes a custom set of SSH Known Hosts that + you would like to have included in your ArgoCD server. + type: string + type: object + kustomizeBuildOptions: + description: KustomizeBuildOptions is used to specify build options/parameters + to use with `kustomize build`. + type: string + kustomizeVersions: + description: KustomizeVersions is a listing of configured versions + of Kustomize to be made available within ArgoCD. + items: + description: KustomizeVersionSpec is used to specify information + about a kustomize version to be used within ArgoCD. + properties: + path: + description: Path is the path to a configured kustomize version + on the filesystem of your repo server. + type: string + version: + description: Version is a configured kustomize version in the + format of vX.Y.Z + type: string + type: object + type: array + monitoring: + description: Monitoring defines whether workload status monitoring + configuration for this instance. + properties: + enabled: + description: Enabled defines whether workload status monitoring + is enabled for this instance or not + type: boolean + required: + - enabled + type: object + nodePlacement: + description: NodePlacement defines NodeSelectors and Taints for Argo + CD workloads + properties: + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is a field of PodSpec, it is a map of + key value pairs used for node selection + type: object + tolerations: + description: Tolerations allow the pods to schedule onto nodes + with matching taints + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + notifications: + description: Notifications defines whether the Argo CD Notifications + controller should be installed. + properties: + enabled: + description: Enabled defines whether argocd-notifications controller + should be deployed or not + type: boolean + env: + description: Env let you specify environment variables for Notifications + pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + image: + description: Image is the Argo CD Notifications image (optional) + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel + if not set. Valid options are debug,info, error, and warn. + type: string + replicas: + description: Replicas defines the number of replicas to run for + notifications-controller + format: int32 + type: integer + resources: + description: Resources defines the Compute Resources required + by the container for Argo CD Notifications. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Argo CD Notifications image tag. (optional) + type: string + required: + - enabled + type: object + oidcConfig: + description: OIDCConfig is the OIDC configuration as an alternative + to dex. + type: string + prometheus: + description: Prometheus defines the Prometheus server options for + ArgoCD. + properties: + enabled: + description: Enabled will toggle Prometheus support globally for + ArgoCD. + type: boolean + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Prometheus component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Prometheus component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + size: + description: Size is the replica count for the Prometheus StatefulSet. + format: int32 + type: integer + required: + - enabled + type: object + rbac: + description: RBAC defines the RBAC configuration for Argo CD. + properties: + defaultPolicy: + description: DefaultPolicy is the name of the default role which + Argo CD will falls back to, when authorizing API requests (optional). + If omitted or empty, users may be still be able to login, but + will see no apps, projects, etc... + type: string + policy: + description: 'Policy is CSV containing user-defined RBAC policies + and role definitions. Policy rules are in the form: p, subject, + resource, action, object, effect Role definitions and bindings + are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + for additional information.' + type: string + policyMatcherMode: + description: PolicyMatcherMode configures the matchers function + mode for casbin. There are two options for this, 'glob' for + glob matcher or 'regex' for regex matcher. + type: string + scopes: + description: 'Scopes controls which OIDC scopes to examine during + rbac enforcement (in addition to `sub` scope). If omitted, defaults + to: ''[groups]''.' + type: string + type: object + redis: + description: Redis defines the Redis server options for ArgoCD. + properties: + autotls: + description: 'AutoTLS specifies the method to use for automatic + TLS configuration for the redis server The value specified here + can currently be: - openshift - Use the OpenShift service CA + to request TLS config' + type: string + disableTLSVerification: + description: DisableTLSVerification defines whether redis server + API should be accessed using strict TLS validation + type: boolean + image: + description: Image is the Redis container image. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for Redis. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Redis container image tag. + type: string + type: object + repo: + description: Repo defines the repo server options for Argo CD. + properties: + autotls: + description: 'AutoTLS specifies the method to use for automatic + TLS configuration for the repo server The value specified here + can currently be: - openshift - Use the OpenShift service CA + to request TLS config' + type: string + env: + description: Env lets you specify environment for repo server + pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + execTimeout: + description: ExecTimeout specifies the timeout in seconds for + tool execution + type: integer + extraRepoCommandArgs: + description: Extra Command arguments allows users to pass command + line arguments to repo server workload. They get added to default + command line arguments provided by the operator. Please note + that the command line arguments provided as part of ExtraRepoCommandArgs + will not overwrite the default command line arguments. + items: + type: string + type: array + image: + description: Image is the ArgoCD Repo Server container image. + type: string + initContainers: + description: InitContainers defines the list of initialization + containers for the repo server deployment + items: + description: A single application container that you want to + run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the + container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod''s termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod''s termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on the + default "0.0.0.0" address inside a container will be accessible + from the network. Modifying this array with strategic + merge patch may corrupt the data. For more information + See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in + a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port + to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this resource + resize policy applies. Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior + of individual containers in a pod. This field may only + be set for init containers, and the only allowed value + is "Always". For non-init containers or when this field + is not specified, the restart behavior is defined by the + Pod''s restart policy and the container type. Setting + the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be + continually restarted on exit until all regular containers + have terminated. Once all regular containers have completed, + all init containers with restartPolicy "Always" will be + shut down. This lifecycle differs from normal init containers + and is often referred to as a "sidecar" container. Although + this init container still starts in the init container + sequence, it does not wait for the container to complete + before proceeding to the next init container. Instead, + the next init container starts immediately after this + init container is started, or after any startupProbe has + successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be + set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a + mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod''s lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written is + mounted into the container''s filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a raw + block device within a container. + properties: + devicePath: + description: devicePath is the path inside of the + container that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + logFormat: + description: LogFormat describes the log format that should be + used by the Repo Server. Defaults to ArgoCDDefaultLogFormat + if not configured. Valid options are text or json. + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not + set. Valid options are debug, info, error, and warn. + type: string + mountsatoken: + description: MountSAToken describes whether you would like to + have the Repo server mount the service account token + type: boolean + replicas: + description: Replicas defines the number of replicas for argocd-repo-server. + Value should be greater than or equal to 0. Default is nil. + format: int32 + type: integer + resources: + description: Resources defines the Compute Resources required + by the container for Redis. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceaccount: + description: ServiceAccount defines the ServiceAccount user that + you would like the Repo server to use + type: string + sidecarContainers: + description: SidecarContainers defines the list of sidecar containers + for the repo server deployment + items: + description: A single application container that you want to + run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not + provided. Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable cannot + be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the + container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped + references will never be expanded, regardless of + whether the variable exists or not. Defaults to + "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must + be a C_IDENTIFIER. All invalid keys will be reported as + an event when the container is starting. When a key exists + in multiple sources, the value associated with the last + source will take precedence. Values defined by an Env + with a duplicate key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, the + container is terminated and restarted according to + its restart policy. Other management of the container + blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a + container is terminated due to an API request or management + event such as liveness/startup probe failure, preemption, + resource contention, etc. The handler is not called + if the container crashes or exits. The Pod''s termination + grace period countdown begins before the PreStop hook + is executed. Regardless of the outcome of the handler, + the container will eventually terminate within the + Pod''s termination grace period (unless delayed by + finalizers). Other management of the container blocks + until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of this + field and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on the + default "0.0.0.0" address inside a container will be accessible + from the network. Modifying this array with strategic + merge patch may corrupt the data. For more information + See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in + a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, 0 + < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port + to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, this + must match ContainerPort. Most containers do not + need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a + pod must have a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the + probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this resource + resize policy applies. Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior + of individual containers in a pod. This field may only + be set for init containers, and the only allowed value + is "Always". For non-init containers or when this field + is not specified, the restart behavior is defined by the + Pod''s restart policy and the container type. Setting + the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be + continually restarted on exit until all regular containers + have terminated. Once all regular containers have completed, + all init containers with restartPolicy "Always" will be + shut down. This lifecycle differs from normal init containers + and is often referred to as a "sidecar" container. Although + this init container still starts in the init container + sequence, it does not wait for the container to complete + before proceeding to the next init container. Instead, + the next init container starts immediately after this + init container is started, or after any startupProbe has + successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields of + SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be + set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this field + cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if + it does. If unset or false, no such validation will + be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the + container. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is + windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & + container level, the container options override the + pod options. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be + set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n + Localhost - a profile defined in a file on the + node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options from the + PodSecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a + mix of HostProcess containers and non-HostProcess + containers). In addition, if HostProcess is true + then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed + until this completes successfully. If this probe fails, + the Pod will be restarted, just as if the livenessProbe + failed. This can be used to provide different probe parameters + at the beginning of a Pod''s lifecycle, when it might + take a long time to load data or warm a cache, than during + steady-state operation. This cannot be updated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC + port. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name. This will + be canonicalized upon output, so case-variant + names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, + the pod's terminationGracePeriodSeconds will be used. + Otherwise, this value overrides the value provided + by the pod spec. Value must be non-negative integer. + The value zero indicates stop immediately via the + kill signal (no opportunity to shut down). This is + a beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe + times out. Defaults to 1 second. Minimum value is + 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, + reads from stdin in the container will always result in + EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce is + set to true, stdin is opened on container start, is empty + until the first client attaches to stdin, and then remains + open and accepts data until the client disconnects, at + which time stdin is closed and remains closed until the + container is restarted. If this flag is false, a container + processes that reads from stdin will never receive an + EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written is + mounted into the container''s filesystem. Message written + is intended to be brief final status, such as an assertion + failure message. Will be truncated by the node if greater + than 4096 bytes. The total message length across all containers + will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last chunk + of container log output if the termination message file + is empty and the container exited with an error. The log + output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY + for itself, also requires 'stdin' to be true. Default + is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a raw + block device within a container. + properties: + devicePath: + description: devicePath is the path inside of the + container that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults to + "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + verifytls: + description: VerifyTLS defines whether repo server API should + be accessed using strict TLS validation + type: boolean + version: + description: Version is the ArgoCD Repo Server container image + tag. + type: string + volumeMounts: + description: VolumeMounts adds volumeMounts to the repo server + container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes adds volumes to the repo server deployment + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in + the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the + blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure managed + data disk (only in managed availability set). defaults + to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host + that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is + the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + user: + description: 'user is optional: User is the rados user + name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + volumeID: + description: 'volumeID used to identify the volume in + cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If a + key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver that + handles this volume. Consult with your admin for the + correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the + associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to + the secret object containing sensitive information + to pass to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the + secret object contains more than one secret, all secret + references are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. Consult + your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the + pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to set + permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must not + be absolute or contain the ''..'' path. Must + be utf-8 encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default is + "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The size + limit is also applicable for memory medium. The maximum + usage on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and the + sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is + tied to the pod that defines it - it will be created before + the pod starts, and deleted when the pod is removed. \n + Use this if: a) the volume is only needed while the pod + runs, b) features of normal volumes like restoring from + snapshot or capacity tracking are needed, c) the storage + driver is specified through a storage class, and d) the + storage driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this + volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n + Use CSI for light-weight local ephemeral volumes if the + CSI driver is meant to be used that way - see the documentation + of the driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes at the + same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC + to provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the + PVC will be deleted together with the pod. The name + of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject the pod if + the concatenated name is not valid for a PVC (for + example, too long). \n An existing PVC with that name + that is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated + PVC is removed. If such a pre-created PVC is meant + to be used by the pod, the PVC has to updated with + an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may + be useful when manually reconstructing a broken cluster. + \n This field is read-only and no changes will be + made by Kubernetes to the PVC after it has been created. + \n Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be rejected + during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the + PVC that gets created from this template. The + same fields as in a PersistentVolumeClaim are + also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, it + will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents + will be copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource when + dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may + be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding + will only succeed if the type of the specified + object matches some installed volume populator + or dynamic provisioner. This field will replace + the functionality of the dataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the same + value automatically if one of them is empty + and the other is non-empty. When namespace + is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. + There are three important differences between + dataSource and dataSourceRef: * While dataSource + only allows two specific types of objects, + dataSourceRef allows any non-core object, + as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. * While dataSource only + allows local objects, dataSourceRef allows + objects in any namespaces. (Beta) Using + this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than + previous value but must still be higher than + capacity recorded in the status field of the + claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. \n This + is an alpha field and requires enabling + the DynamicResourceAllocation feature + gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of + volume is required by the claim. Value of + Filesystem is implied when not included in + claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that + is attached to a kubelet's host machine and then exposed + to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use + for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if + no secret object is specified. If the secret object + contains more than one secret, all secrets are passed + to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an + InitContainer that clones the repo using git, then mount + the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, + the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on + the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or + directory on the host machine that is directly exposed + to the container. This is generally used for system agents + or other privileged things that are allowed to see the + host machine. Most containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host + directory mounts and who can/can not mount host directories + as read/write.' + properties: + path: + description: 'path of the directory on the host. If + the path is a symlink, it will follow the link to + the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that + is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that + uses an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports 860 + and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + targetPortal: + description: targetPortal is iSCSI Target Portal. The + Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and + 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that + shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of + the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to + mount Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this + setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along + with other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + downwardAPI: + description: downwardAPI information about the + downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 + encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The kubelet + will start trying to rotate the token if + the token is older than 80 percent of its + time to live or if the token is older than + 24 hours.Defaults to 1 hour and must be + at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to + the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is + no group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults + to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string as + host:port pair (multiple entries are separated with + commas) which acts as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to + serivceaccount user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is + rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + user: + description: 'user is the rados user name. Default is + admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for + ScaleIO user and other sensitive information. If this + is not provided, Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair + in the Data field of the referenced Secret will be + projected into the volume as a file whose name is + the key and content is the value. If specified, the + listed keys will be projected into the specified paths, + and unlisted keys will not be present. If a key is + specified which is not present in the Secret, the + volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in + the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for + obtaining the StorageOS API credentials. If not specified, + default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + volumeName: + description: volumeName is the human-readable name of + the StorageOS volume. Volume names are only unique + within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of + the volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows + the Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. Set + to "default" if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist within + StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + repositoryCredentials: + description: RepositoryCredentials are the Git pull credentials to + configure Argo CD with upon creation of the cluster. + type: string + resourceActions: + description: ResourceActions customizes resource action behavior. + items: + description: Resource Customization for custom action + properties: + action: + type: string + group: + type: string + kind: + type: string + type: object + type: array + resourceExclusions: + description: ResourceExclusions is used to completely ignore entire + classes of resource group/kinds. + type: string + resourceHealthChecks: + description: ResourceHealthChecks customizes resource health check + behavior. + items: + description: Resource Customization for custom health check + properties: + check: + type: string + group: + type: string + kind: + type: string + type: object + type: array + resourceIgnoreDifferences: + description: ResourceIgnoreDifferences customizes resource ignore + difference behavior. + properties: + all: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + managedFieldsManagers: + items: + type: string + type: array + type: object + resourceIdentifiers: + items: + description: Resource Customization fields for ignore difference + properties: + customization: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + managedFieldsManagers: + items: + type: string + type: array + type: object + group: + type: string + kind: + type: string + type: object + type: array + type: object + resourceInclusions: + description: ResourceInclusions is used to only include specific group/kinds + in the reconciliation process. + type: string + resourceTrackingMethod: + description: ResourceTrackingMethod defines how Argo CD should track + resources that it manages + type: string + server: + description: Server defines the options for the ArgoCD Server component. + properties: + autoscale: + description: Autoscale defines the autoscale options for the Argo + CD Server component. + properties: + enabled: + description: Enabled will toggle autoscaling support for the + Argo CD Server component. + type: boolean + hpa: + description: HPA defines the HorizontalPodAutoscaler options + for the Argo CD Server component. + properties: + maxReplicas: + description: maxReplicas is the upper limit for the number + of pods that can be set by the autoscaler; cannot be + smaller than MinReplicas. + format: int32 + type: integer + minReplicas: + description: minReplicas is the lower limit for the number + of replicas to which the autoscaler can scale down. It + defaults to 1 pod. minReplicas is allowed to be 0 if + the alpha feature gate HPAScaleToZero is enabled and + at least one Object or External metric is configured. Scaling + is active as long as at least one metric value is available. + format: int32 + type: integer + scaleTargetRef: + description: reference to scaled resource; horizontal + pod autoscaler will learn the current resource consumption + and will set the desired number of pods by using its + Scale subresource. + properties: + apiVersion: + description: apiVersion is the API version of the + referent + type: string + kind: + description: 'kind is the kind of the referent; More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'name is the name of the referent; More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + required: + - kind + - name + type: object + targetCPUUtilizationPercentage: + description: targetCPUUtilizationPercentage is the target + average CPU utilization (represented as a percentage + of requested CPU) over all the pods; if not specified + the default autoscaling policy will be used. + format: int32 + type: integer + required: + - maxReplicas + - scaleTargetRef + type: object + required: + - enabled + type: object + env: + description: Env lets you specify environment for API server pods + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + extraCommandArgs: + description: Extra Command arguments that would append to the + Argo CD server command. ExtraCommandArgs will not be added, + if one of these commands is already part of the server command + with same or different value. + items: + type: string + type: array + grpc: + description: GRPC defines the state for the Argo CD Server GRPC + options. + properties: + host: + description: Host is the hostname to use for Ingress/Route + resources. + type: string + ingress: + description: Ingress defines the desired state for the Argo + CD Server GRPC Ingress. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + apply to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress + only supports a single TLS port, 443. If multiple members + of this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified + through the SNI TLS extension, if the ingress controller + fulfilling the ingress supports SNI. + items: + description: IngressTLS describes the transport layer + security associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in + the TLS certificate. The values in this list must + match the name/s used in the tlsSecret. Defaults + to the wildcard host setting for the loadbalancer + controller fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret + used to terminate TLS traffic on port 443. Field + is left optional to allow TLS routing based on + SNI hostname alone. If the SNI host in a listener + conflicts with the "Host" header field used by + an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + type: object + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Argo CD Server component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + ingressClassName: + description: IngressClassName for the Ingress resource. + type: string + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + insecure: + description: Insecure toggles the insecure flag. + type: boolean + logFormat: + description: LogFormat refers to the log level to be used by the + ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat + if not configured. Valid options are text or json. + type: string + logLevel: + description: LogLevel refers to the log level to be used by the + ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if + not set. Valid options are debug, info, error, and warn. + type: string + replicas: + description: Replicas defines the number of replicas for argocd-server. + Default is nil. Value should be greater than or equal to 0. + Value will be ignored if Autoscaler is enabled. + format: int32 + type: integer + resources: + description: Resources defines the Compute Resources required + by the container for the Argo CD server component. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Argo CD Server component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + service: + description: Service defines the options for the Service backing + the ArgoCD Server component. + properties: + type: + description: Type is the ServiceType to use for the Service + resource. + type: string + required: + - type + type: object + type: object + sourceNamespaces: + description: SourceNamespaces defines the namespaces application resources + are allowed to be created in + items: + type: string + type: array + sso: + description: SSO defines the Single Sign-on configuration for Argo + CD + properties: + dex: + description: Dex contains the configuration for Argo CD dex authentication + properties: + config: + description: Config is the dex connector configuration. + type: string + groups: + description: Optional list of required groups a user must + be a member of + items: + type: string + type: array + image: + description: Image is the Dex container image. + type: string + openShiftOAuth: + description: OpenShiftOAuth enables OpenShift OAuth authentication + for the Dex server. + type: boolean + resources: + description: Resources defines the Compute Resources required + by the container for Dex. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Dex container image tag. + type: string + type: object + keycloak: + description: Keycloak contains the configuration for Argo CD keycloak + authentication + properties: + image: + description: Image is the Keycloak container image. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for Keycloak. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rootCA: + description: Custom root CA certificate for communicating + with the Keycloak OIDC provider + type: string + verifyTLS: + description: VerifyTLS set to false disables strict TLS validation. + type: boolean + version: + description: Version is the Keycloak container image tag. + type: string + type: object + provider: + description: Provider installs and configures the given SSO Provider + with Argo CD. + type: string + type: object + statusBadgeEnabled: + description: StatusBadgeEnabled toggles application status badge feature. + type: boolean + tls: + description: TLS defines the TLS options for ArgoCD. + properties: + ca: + description: CA defines the CA options. + properties: + configMapName: + description: ConfigMapName is the name of the ConfigMap containing + the CA Certificate. + type: string + secretName: + description: SecretName is the name of the Secret containing + the CA Certificate and Key. + type: string + type: object + initialCerts: + additionalProperties: + type: string + description: InitialCerts defines custom TLS certificates upon + creation of the cluster for connecting Git repositories via + HTTPS. + type: object + type: object + usersAnonymousEnabled: + description: UsersAnonymousEnabled toggles anonymous user access. + The anonymous users get default role permissions specified argocd-rbac-cm. + type: boolean + version: + description: Version is the tag to use with the ArgoCD container image + for all ArgoCD components. + type: string + type: object + status: + description: ArgoCDStatus defines the observed state of ArgoCD + properties: + applicationController: + description: 'ApplicationController is a simple, high-level summary + of where the Argo CD application controller component is in its + lifecycle. There are four possible ApplicationController values: + Pending: The Argo CD application controller component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD application controller component are in a Ready state. Failed: + At least one of the Argo CD application controller component Pods + had a failure. Unknown: The state of the Argo CD application controller + component could not be obtained.' + type: string + applicationSetController: + description: 'ApplicationSetController is a simple, high-level summary + of where the Argo CD applicationSet controller component is in its + lifecycle. There are four possible ApplicationSetController values: + Pending: The Argo CD applicationSet controller component has been + accepted by the Kubernetes system, but one or more of the required + resources have not been created. Running: All of the required Pods + for the Argo CD applicationSet controller component are in a Ready + state. Failed: At least one of the Argo CD applicationSet controller + component Pods had a failure. Unknown: The state of the Argo CD + applicationSet controller component could not be obtained.' + type: string + host: + description: Host is the hostname of the Ingress. + type: string + notificationsController: + description: 'NotificationsController is a simple, high-level summary + of where the Argo CD notifications controller component is in its + lifecycle. There are four possible NotificationsController values: + Pending: The Argo CD notifications controller component has been + accepted by the Kubernetes system, but one or more of the required + resources have not been created. Running: All of the required Pods + for the Argo CD notifications controller component are in a Ready + state. Failed: At least one of the Argo CD notifications controller + component Pods had a failure. Unknown: The state of the Argo CD + notifications controller component could not be obtained.' + type: string + phase: + description: 'Phase is a simple, high-level summary of where the ArgoCD + is in its lifecycle. There are four possible phase values: Pending: + The ArgoCD has been accepted by the Kubernetes system, but one or + more of the required resources have not been created. Available: + All of the resources for the ArgoCD are ready. Failed: At least + one resource has experienced a failure. Unknown: The state of the + ArgoCD phase could not be obtained.' + type: string + redis: + description: 'Redis is a simple, high-level summary of where the Argo + CD Redis component is in its lifecycle. There are four possible + redis values: Pending: The Argo CD Redis component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Redis component are in a Ready state. Failed: At least one + of the Argo CD Redis component Pods had a failure. Unknown: The + state of the Argo CD Redis component could not be obtained.' + type: string + redisTLSChecksum: + description: RedisTLSChecksum contains the SHA256 checksum of the + latest known state of tls.crt and tls.key in the argocd-operator-redis-tls + secret. + type: string + repo: + description: 'Repo is a simple, high-level summary of where the Argo + CD Repo component is in its lifecycle. There are four possible repo + values: Pending: The Argo CD Repo component has been accepted by + the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Repo component are in a Ready state. Failed: At least one + of the Argo CD Repo component Pods had a failure. Unknown: The + state of the Argo CD Repo component could not be obtained.' + type: string + repoTLSChecksum: + description: RepoTLSChecksum contains the SHA256 checksum of the latest + known state of tls.crt and tls.key in the argocd-repo-server-tls + secret. + type: string + server: + description: 'Server is a simple, high-level summary of where the + Argo CD server component is in its lifecycle. There are four possible + server values: Pending: The Argo CD server component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD server component are in a Ready state. Failed: At least + one of the Argo CD server component Pods had a failure. Unknown: + The state of the Argo CD server component could not be obtained.' + type: string + sso: + description: 'SSO is a simple, high-level summary of where the Argo + CD SSO(Dex/Keycloak) component is in its lifecycle. There are four + possible sso values: Pending: The Argo CD SSO component has been + accepted by the Kubernetes system, but one or more of the required + resources have not been created. Running: All of the required Pods + for the Argo CD SSO component are in a Ready state. Failed: At least + one of the Argo CD SSO component Pods had a failure. Unknown: The + state of the Argo CD SSO component could not be obtained.' + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-operator-controller-manager + namespace: argocd-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-operator-leader-election-role + namespace: argocd-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: argocd-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - namespaces + - persistentvolumeclaims + - pods + - secrets + - serviceaccounts + - services + - services/finalizers + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - pods/log + verbs: + - get +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - argocd-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - '*' +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - '*' +- apiGroups: + - argoproj.io + resources: + - argocdexports + - argocdexports/finalizers + - argocdexports/status + verbs: + - '*' +- apiGroups: + - argoproj.io + resources: + - argocds + - argocds/finalizers + - argocds/status + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - '*' +- apiGroups: + - config.openshift.io + resources: + - clusterversions + verbs: + - get + - list + - watch +- apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - prometheusrules + - servicemonitors + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - '*' +- apiGroups: + - oauth.openshift.io + resources: + - oauthclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + verbs: + - '*' +- apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - '*' +- apiGroups: + - template.openshift.io + resources: + - templateconfigs + - templateinstances + - templates + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-operator-leader-election-rolebinding + namespace: argocd-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: argocd-operator-controller-manager + namespace: argocd-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-operator-manager-role +subjects: +- kind: ServiceAccount + name: argocd-operator-controller-manager + namespace: argocd-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-operator-proxy-role +subjects: +- kind: ServiceAccount + name: argocd-operator-controller-manager + namespace: argocd-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: b674928d.argoproj.io +kind: ConfigMap +metadata: + name: argocd-operator-manager-config + namespace: argocd-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: argocd-operator + name: argocd-operator-controller-manager-metrics-service + namespace: argocd-operator-system +spec: + ports: + - name: https + port: 8443 + targetPort: 8080 + selector: + control-plane: argocd-operator +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-operator-webhook-service + namespace: argocd-operator-system +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: argocd-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: argocd-operator + name: argocd-operator-controller-manager + namespace: argocd-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: argocd-operator + template: + metadata: + labels: + control-plane: argocd-operator + spec: + containers: + - args: + - --leader-elect + command: + - /manager + env: + - name: ENABLE_CONVERSION_WEBHOOK + value: "true" + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + image: quay.io/argoprojlabs/argocd-operator:v0.8.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + serviceAccountName: argocd-operator-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: argocd-operator-serving-cert + namespace: argocd-operator-system +spec: + dnsNames: + - argocd-operator-webhook-service.argocd-operator-system.svc + - argocd-operator-webhook-service.argocd-operator-system.svc.cluster.local + issuerRef: + kind: Issuer + name: argocd-operator-selfsigned-issuer + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: argocd-operator-selfsigned-issuer + namespace: argocd-operator-system +spec: + selfSigned: {} diff --git a/data/argoproj-labs_argocd-operator/cert-manager.yaml b/data/argoproj-labs_argocd-operator/cert-manager.yaml new file mode 100644 index 0000000000..99ead88532 --- /dev/null +++ b/data/argoproj-labs_argocd-operator/cert-manager.yaml @@ -0,0 +1,5840 @@ +# Copyright 2022 The cert-manager Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: cert-manager +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificaterequests.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.14.1" +spec: + group: cert-manager.io + names: + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Approved")].status + name: Approved + type: string + - jsonPath: .status.conditions[?(@.type=="Denied")].status + name: Denied + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + type: string + - jsonPath: .spec.username + name: Requestor + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `Ready` status condition and its `status.failureTime` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired state of the CertificateRequest resource. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + type: object + required: + - issuerRef + - request + properties: + duration: + description: Requested 'duration' (i.e. lifetime) of the Certificate. Note that the issuer may choose to ignore the requested duration, just like any other requested attribute. + type: string + extra: + description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: object + additionalProperties: + type: array + items: + type: string + groups: + description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: array + items: + type: string + x-kubernetes-list-type: atomic + isCA: + description: "Requested basic constraints isCA value. Note that the issuer may choose to ignore the requested isCA value, just like any other requested attribute. \n NOTE: If the CSR in the `Request` field has a BasicConstraints extension, it must have the same isCA value as specified here. \n If true, this will automatically add the `cert sign` usage to the list of requested `usages`." + type: boolean + issuerRef: + description: "Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace. \n The `name` field of the reference must always be specified." + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: "The PEM-encoded X.509 certificate signing request to be submitted to the issuer for signing. \n If the CSR has a BasicConstraints extension, its isCA attribute must match the `isCA` value of this CertificateRequest. If the CSR has a KeyUsage extension, its key usages must match the key usages in the `usages` field of this CertificateRequest. If the CSR has a ExtKeyUsage extension, its extended key usages must match the extended key usages in the `usages` field of this CertificateRequest." + type: string + format: byte + uid: + description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + usages: + description: "Requested key usages and extended key usages. \n NOTE: If the CSR in the `Request` field has uses the KeyUsage or ExtKeyUsage extension, these extensions must have the same values as specified here without any additional values. \n If unset, defaults to `digital signature` and `key encipherment`." + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + username: + description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + status: + description: 'Status of the CertificateRequest. This is set and managed automatically. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + type: object + properties: + ca: + description: The PEM encoded X.509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. + type: string + format: byte + certificate: + description: The PEM encoded X.509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. + type: string + format: byte + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`, `InvalidRequest`, `Approved` and `Denied`. + type: array + items: + description: CertificateRequestCondition contains condition information for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failureTime: + description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.14.1" +spec: + group: cert-manager.io + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.secretName + name: Secret + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A Certificate resource should be created to ensure an up to date and signed X.509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired state of the Certificate resource. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + type: object + required: + - issuerRef + - secretName + properties: + additionalOutputFormats: + description: "Defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. \n This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option set on both the controller and webhook components." + type: array + items: + description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. + type: object + required: + - type + properties: + type: + description: Type is the name of the format type that should be written to the Certificate's target Secret. + type: string + enum: + - DER + - CombinedPEM + commonName: + description: "Requested common name X509 certificate subject attribute. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 NOTE: TLS clients will ignore this value when any subject alternative name is set (see https://tools.ietf.org/html/rfc6125#section-6.4.4). \n Should have a length of 64 characters or fewer to avoid generating invalid CSRs. Cannot be set if the `literalSubject` field is set." + type: string + dnsNames: + description: Requested DNS subject alternative names. + type: array + items: + type: string + duration: + description: "Requested 'duration' (i.e. lifetime) of the Certificate. Note that the issuer may choose to ignore the requested duration, just like any other requested attribute. \n If unset, this defaults to 90 days. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration." + type: string + emailAddresses: + description: Requested email subject alternative names. + type: array + items: + type: string + encodeUsagesInRequest: + description: "Whether the KeyUsage and ExtKeyUsage extensions should be set in the encoded CSR. \n This option defaults to true, and should only be disabled if the target issuer does not support CSRs with these X509 KeyUsage/ ExtKeyUsage extensions." + type: boolean + ipAddresses: + description: Requested IP address subject alternative names. + type: array + items: + type: string + isCA: + description: "Requested basic constraints isCA value. The isCA value is used to set the `isCA` field on the created CertificateRequest resources. Note that the issuer may choose to ignore the requested isCA value, just like any other requested attribute. \n If true, this will automatically add the `cert sign` usage to the list of requested `usages`." + type: boolean + issuerRef: + description: "Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace. \n The `name` field of the reference must always be specified." + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + keystores: + description: Additional keystore output formats to be stored in the Certificate's Secret. + type: object + properties: + jks: + description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + pkcs12: + description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + profile: + description: "Profile specifies the key and certificate encryption algorithms and the HMAC algorithm used to create the PKCS12 keystore. Default value is `LegacyRC2` for backward compatibility. \n If provided, allowed values are: `LegacyRC2`: Deprecated. Not supported by default in OpenSSL 3 or Java 20. `LegacyDES`: Less secure algorithm. Use this option for maximal compatibility. `Modern2023`: Secure algorithm. Use this option in case you have to always use secure algorithms (eg. because of company policy). Please note that the security of the algorithm is not that important in reality, because the unencrypted certificate and private key are also stored in the Secret." + type: string + enum: + - LegacyRC2 + - LegacyDES + - Modern2023 + literalSubject: + description: "Requested X.509 certificate subject, represented using the LDAP \"String Representation of a Distinguished Name\" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: `CN=foo,DC=corp,DC=example,DC=com` More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424 \n Cannot be set if the `subject` or `commonName` field is set. This is an Alpha Feature and is only enabled with the `--feature-gates=LiteralCertificateSubject=true` option set on both the controller and webhook components." + type: string + nameConstraints: + description: "x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10 \n This is an Alpha Feature and is only enabled with the `--feature-gates=NameConstraints=true` option set on both the controller and webhook components." + type: object + properties: + critical: + description: if true then the name constraints are marked critical. + type: boolean + excluded: + description: Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted + type: object + properties: + dnsDomains: + description: DNSDomains is a list of DNS domains that are permitted or excluded. + type: array + items: + type: string + emailAddresses: + description: EmailAddresses is a list of Email Addresses that are permitted or excluded. + type: array + items: + type: string + ipRanges: + description: IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation. + type: array + items: + type: string + uriDomains: + description: URIDomains is a list of URI domains that are permitted or excluded. + type: array + items: + type: string + permitted: + description: Permitted contains the constraints in which the names must be located. + type: object + properties: + dnsDomains: + description: DNSDomains is a list of DNS domains that are permitted or excluded. + type: array + items: + type: string + emailAddresses: + description: EmailAddresses is a list of Email Addresses that are permitted or excluded. + type: array + items: + type: string + ipRanges: + description: IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation. + type: array + items: + type: string + uriDomains: + description: URIDomains is a list of URI domains that are permitted or excluded. + type: array + items: + type: string + otherNames: + description: '`otherNames` is an escape hatch for SAN that allows any type. We currently restrict the support to string like otherNames, cf RFC 5280 p 37 Any UTF8 String valued otherName can be passed with by setting the keys oid: x.x.x.x and UTF8Value: somevalue for `otherName`. Most commonly this would be UPN set with oid: 1.3.6.1.4.1.311.20.2.3 You should ensure that any OID passed is valid for the UTF8String type as we do not explicitly validate this.' + type: array + items: + type: object + properties: + oid: + description: OID is the object identifier for the otherName SAN. The object identifier must be expressed as a dotted string, for example, "1.2.840.113556.1.4.221". + type: string + utf8Value: + description: utf8Value is the string value of the otherName SAN. The utf8Value accepts any valid UTF8 string to set as value for the otherName SAN. + type: string + privateKey: + description: Private key options. These include the key algorithm and size, the used encoding and the rotation policy. + type: object + properties: + algorithm: + description: "Algorithm is the private key algorithm of the corresponding private key for this certificate. \n If provided, allowed values are either `RSA`, `ECDSA` or `Ed25519`. If `algorithm` is specified and `size` is not provided, key size of 2048 will be used for `RSA` key algorithm and key size of 256 will be used for `ECDSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm." + type: string + enum: + - RSA + - ECDSA + - Ed25519 + encoding: + description: "The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. \n If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified." + type: string + enum: + - PKCS1 + - PKCS8 + rotationPolicy: + description: "RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. \n If set to `Never`, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to `Always`, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is `Never` for backward compatibility." + type: string + enum: + - Never + - Always + size: + description: "Size is the key bit size of the corresponding private key for this certificate. \n If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed." + type: integer + renewBefore: + description: "How long before the currently issued certificate's expiry cert-manager should renew the certificate. For example, if a certificate is valid for 60 minutes, and `renewBefore=10m`, cert-manager will begin to attempt to renew the certificate 50 minutes after it was issued (i.e. when there are 10 minutes remaining until the certificate is no longer valid). \n NOTE: The actual lifetime of the issued certificate is used to determine the renewal time. If an issuer returns a certificate with a different lifetime than the one requested, cert-manager will use the lifetime of the issued certificate. \n If unset, this defaults to 1/3 of the issued certificate's lifetime. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration." + type: string + revisionHistoryLimit: + description: "The maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. \n If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`." + type: integer + format: int32 + secretName: + description: Name of the Secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. The Secret resource lives in the same namespace as the Certificate resource. + type: string + secretTemplate: + description: Defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. + type: object + properties: + annotations: + description: Annotations is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + labels: + description: Labels is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + subject: + description: "Requested set of X509 certificate subject attributes. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 \n The common name attribute is specified separately in the `commonName` field. Cannot be set if the `literalSubject` field is set." + type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + organizations: + description: Organizations to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. + type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uris: + description: Requested URI subject alternative names. + type: array + items: + type: string + usages: + description: "Requested key usages and extended key usages. These usages are used to set the `usages` field on the created CertificateRequest resources. If `encodeUsagesInRequest` is unset or set to `true`, the usages will additionally be encoded in the `request` field which contains the CSR blob. \n If unset, defaults to `digital signature` and `key encipherment`." + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: 'Status of the Certificate. This is set and managed automatically. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + type: object + properties: + conditions: + description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. + type: array + items: + description: CertificateCondition contains condition information for an Certificate. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `Issuing`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failedIssuanceAttempts: + description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). + type: integer + lastFailureTime: + description: LastFailureTime is set only if the lastest issuance for this Certificate failed and contains the time of the failure. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). If the latest issuance has succeeded this field will be unset. + type: string + format: date-time + nextPrivateKeySecretName: + description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. + type: string + notAfter: + description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. + type: string + format: date-time + notBefore: + description: The time after which the certificate stored in the secret named by this resource in `spec.secretName` is valid. + type: string + format: date-time + renewalTime: + description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. + type: string + format: date-time + revision: + description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." + type: integer + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: challenges.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.14.1" +spec: + group: acme.cert-manager.io + names: + kind: Challenge + listKind: ChallengeList + plural: challenges + singular: challenge + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.dnsName + name: Domain + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - authorizationURL + - dnsName + - issuerRef + - key + - solver + - token + - type + - url + properties: + authorizationURL: + description: The URL to the ACME Authorization resource that this challenge is a part of. + type: string + dnsName: + description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. + type: string + issuerRef: + description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + key: + description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.' + type: string + solver: + description: Contains the domain solving configuration that should be used to solve this challenge resource. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' + type: string + clientSecretSecretRef: + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n This API may be extended in the future to support additional kinds of parent resources. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n Support for other resources is Implementation-Specific." + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. * Service: Port Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. Note that attaching Routes to Services as Parents is part of experimental Mesh support and is not supported for any other purpose. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + token: + description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. + type: string + type: + description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". + type: string + enum: + - HTTP-01 + - DNS-01 + url: + description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. + type: string + wildcard: + description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. + type: boolean + status: + type: object + properties: + presented: + description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. + type: boolean + reason: + description: Contains human readable information on why the Challenge is in the current state. + type: string + state: + description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + served: true + storage: true + subresources: + status: {} +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterissuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: "cert-manager" + # Generated labels + app.kubernetes.io/version: "v1.14.1" +spec: + group: cert-manager.io + names: + kind: ClusterIssuer + listKind: ClusterIssuerList + plural: clusterissuers + singular: clusterissuer + categories: + - cert-manager + scope: Cluster + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the ClusterIssuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. + type: string + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' + type: string + clientSecretSecretRef: + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n This API may be extended in the future to support additional kinds of parent resources. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n Support for other resources is Implementation-Specific." + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. * Service: Port Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. Note that attaching Routes to Services as Parents is part of experimental Mesh support and is not supported for any other purpose. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + issuingCertificateURLs: + description: IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. As an example, such a URL might be "http://ca.domain.com/ca.crt". + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceAccountRef: + description: A reference to a service account that will be used to request a bound token (also known as "projected token"). Compared to using "secretRef", using this field means that you don't rely on statically bound tokens. To use this field, you must configure an RBAC rule to let cert-manager request a token. + type: object + required: + - name + properties: + name: + description: Name of the ServiceAccount used to request a token. + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the ClusterIssuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastPrivateKeyHash: + description: LastPrivateKeyHash is a hash of the private key associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: issuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: "cert-manager" + # Generated labels + app.kubernetes.io/version: "v1.14.1" +spec: + group: cert-manager.io + names: + kind: Issuer + listKind: IssuerList + plural: issuers + singular: issuer + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Issuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. + type: string + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' + type: string + clientSecretSecretRef: + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n This API may be extended in the future to support additional kinds of parent resources. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n Support for other resources is Implementation-Specific." + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. * Service: Port Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. Note that attaching Routes to Services as Parents is part of experimental Mesh support and is not supported for any other purpose. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + issuingCertificateURLs: + description: IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. As an example, such a URL might be "http://ca.domain.com/ca.crt". + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceAccountRef: + description: A reference to a service account that will be used to request a bound token (also known as "projected token"). Compared to using "secretRef", using this field means that you don't rely on statically bound tokens. To use this field, you must configure an RBAC rule to let cert-manager request a token. + type: object + required: + - name + properties: + name: + description: Name of the ServiceAccount used to request a token. + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the Issuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastPrivateKeyHash: + description: LastPrivateKeyHash is a hash of the private key associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: orders.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.14.1" +spec: + group: acme.cert-manager.io + names: + kind: Order + listKind: OrderList + plural: orders + singular: order + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - issuerRef + - request + properties: + commonName: + description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. + type: string + dnsNames: + description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + duration: + description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. + type: string + ipAddresses: + description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. + type: string + format: byte + status: + type: object + properties: + authorizations: + description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. + type: array + items: + description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. + type: object + required: + - url + properties: + challenges: + description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. + type: string + type: + description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. + type: string + url: + description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part of this authorization + type: string + initialState: + description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL is the URL of the Authorization that must be completed + type: string + wildcard: + description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. + type: boolean + certificate: + description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. + type: string + format: byte + failureTime: + description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + finalizeURL: + description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. + type: string + reason: + description: Reason optionally provides more information about a why the order is in the current state. + type: string + state: + description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. + type: string + served: true + storage: true +--- +# Source: cert-manager/templates/cainjector-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager-cainjector + namespace: cert-manager + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" +--- +# Source: cert-manager/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager + namespace: cert-manager + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +--- +# Source: cert-manager/templates/webhook-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-cainjector + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "create", "update", "patch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["apiregistration.k8s.io"] + resources: ["apiservices"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Issuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-issuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "issuers/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# ClusterIssuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-clusterissuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "clusterissuers/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Certificates controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-certificates + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["cert-manager.io"] + resources: ["certificates/finalizers", "certificaterequests/finalizers"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders"] + verbs: ["create", "delete", "get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Orders controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-orders + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "orders/status"] + verbs: ["update", "patch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "challenges"] + verbs: ["get", "list", "watch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["create", "delete"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Challenges controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-challenges + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + # Use to update challenge resource status + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "challenges/status"] + verbs: ["update", "patch"] + # Used to watch challenge resources + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["get", "list", "watch"] + # Used to watch challenges, issuer and clusterissuer resources + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + # Need to be able to retrieve ACME account private key to complete challenges + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + # Used to create events + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + # HTTP01 rules + - apiGroups: [""] + resources: ["pods", "services"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + - apiGroups: [ "gateway.networking.k8s.io" ] + resources: [ "httproutes" ] + verbs: ["get", "list", "watch", "create", "delete", "update"] + # We require the ability to specify a custom hostname when we are creating + # new ingress resources. + # See: https://github.com/openshift/origin/blob/21f191775636f9acadb44fa42beeb4f75b255532/pkg/route/apiserver/admission/ingress_admission.go#L84-L148 + - apiGroups: ["route.openshift.io"] + resources: ["routes/custom-host"] + verbs: ["create"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges/finalizers"] + verbs: ["update"] + # DNS01 rules (duplicated above) + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +# ingress-shim controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-ingress-shim + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests"] + verbs: ["create", "update", "delete"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses/finalizers"] + verbs: ["update"] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["gateways", "httproutes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["gateways/finalizers", "httproutes/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-cluster-view + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" + rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-view + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" + rbac.authorization.k8s.io/aggregate-to-view: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-edit + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates/status"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] +--- +# Source: cert-manager/templates/rbac.yaml +# Permission to approve CertificateRequests referencing cert-manager.io Issuers and ClusterIssuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-approve:cert-manager-io + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["signers"] + verbs: ["approve"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] +--- +# Source: cert-manager/templates/rbac.yaml +# Permission to: +# - Update and sign CertificatSigningeRequests referencing cert-manager.io Issuers and ClusterIssuers +# - Perform SubjectAccessReviews to test whether users are able to reference Namespaced Issuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-certificatesigningrequests + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests/status"] + verbs: ["update", "patch"] + - apiGroups: ["certificates.k8s.io"] + resources: ["signers"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] + verbs: ["sign"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-webhook:subjectaccessreviews + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +rules: +- apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-cainjector + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-cainjector +subjects: + - name: cert-manager-cainjector + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-issuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-issuers +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-clusterissuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-clusterissuers +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-certificates + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-certificates +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-orders + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-orders +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-challenges + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-challenges +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-ingress-shim + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-ingress-shim +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-approve:cert-manager-io + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-approve:cert-manager-io +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-certificatesigningrequests + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-certificatesigningrequests +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-webhook:subjectaccessreviews + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-webhook:subjectaccessreviews +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +# leader election rules +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager-cainjector:leaderelection + namespace: kube-system + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" +rules: + # Used for leader election by the controller + # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller + # see cmd/cainjector/start.go#L113 + # cert-manager-cainjector-leader-election-core is used by the SecretBased injector controller + # see cmd/cainjector/start.go#L137 + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager:leaderelection + namespace: kube-system + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-controller"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager-webhook:dynamic-serving + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +rules: +- apiGroups: [""] + resources: ["secrets"] + resourceNames: + - 'cert-manager-webhook-ca' + verbs: ["get", "list", "watch", "update"] +# It's not possible to grant CREATE permission on a single resourceName. +- apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager-cainjector:leaderelection + namespace: kube-system + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager-cainjector:leaderelection +subjects: + - kind: ServiceAccount + name: cert-manager-cainjector + namespace: cert-manager +--- +# Source: cert-manager/templates/rbac.yaml +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager:leaderelection + namespace: kube-system + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager:leaderelection +subjects: + - apiGroup: "" + kind: ServiceAccount + name: cert-manager + namespace: cert-manager +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager-webhook:dynamic-serving + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager-webhook:dynamic-serving +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager +--- +# Source: cert-manager/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: cert-manager + namespace: cert-manager + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 9402 + name: tcp-prometheus-servicemonitor + targetPort: 9402 + selector: + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" +--- +# Source: cert-manager/templates/webhook-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +spec: + type: ClusterIP + ports: + - name: https + port: 443 + protocol: TCP + targetPort: "https" + selector: + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" +--- +# Source: cert-manager/templates/cainjector-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager-cainjector + namespace: cert-manager + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" +spec: + replicas: 1 + revisionHistoryLimit: + selector: + matchLabels: + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + template: + metadata: + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.14.1" + spec: + serviceAccountName: cert-manager-cainjector + enableServiceLinks: false + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: cert-manager-cainjector + image: "quay.io/jetstack/cert-manager-cainjector:v1.14.1" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --leader-election-namespace=kube-system + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager + namespace: cert-manager + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" +spec: + replicas: 1 + revisionHistoryLimit: + selector: + matchLabels: + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + template: + metadata: + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.14.1" + annotations: + prometheus.io/path: "/metrics" + prometheus.io/scrape: 'true' + prometheus.io/port: '9402' + spec: + serviceAccountName: cert-manager + enableServiceLinks: false + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: cert-manager-controller + image: "quay.io/jetstack/cert-manager-controller:v1.14.1" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --cluster-resource-namespace=$(POD_NAMESPACE) + - --leader-election-namespace=kube-system + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.14.1 + - --max-concurrent-challenges=60 + ports: + - containerPort: 9402 + name: http-metrics + protocol: TCP + - containerPort: 9403 + name: http-healthz + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # LivenessProbe settings are based on those used for the Kubernetes + # controller-manager. See: + # https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245 + livenessProbe: + httpGet: + port: http-healthz + path: /livez + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 8 + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/webhook-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" +spec: + replicas: 1 + revisionHistoryLimit: + selector: + matchLabels: + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + template: + metadata: + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" + spec: + serviceAccountName: cert-manager-webhook + enableServiceLinks: false + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: cert-manager-webhook + image: "quay.io/jetstack/cert-manager-webhook:v1.14.1" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --secure-port=10250 + - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) + - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca + - --dynamic-serving-dns-names=cert-manager-webhook + - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE) + - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE).svc + + ports: + - name: https + protocol: TCP + containerPort: 10250 + - name: healthcheck + protocol: TCP + containerPort: 6080 + livenessProbe: + httpGet: + path: /livez + port: 6080 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: 6080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/webhook-mutating-webhook.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: cert-manager-webhook + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" + annotations: + cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" +webhooks: + - name: webhook.cert-manager.io + rules: + - apiGroups: + - "cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + resources: + - "certificaterequests" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: 30 + failurePolicy: Fail + # Only include 'sideEffects' field in Kubernetes 1.12+ + sideEffects: None + clientConfig: + service: + name: cert-manager-webhook + namespace: cert-manager + path: /mutate +--- +# Source: cert-manager/templates/webhook-validating-webhook.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: cert-manager-webhook + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.14.1" + annotations: + cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" +webhooks: + - name: webhook.cert-manager.io + namespaceSelector: + matchExpressions: + - key: cert-manager.io/disable-validation + operator: NotIn + values: + - "true" + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: 30 + failurePolicy: Fail + sideEffects: None + clientConfig: + service: + name: cert-manager-webhook + namespace: cert-manager + path: /validate diff --git a/data/argoproj-labs_argocd-operator/context.json b/data/argoproj-labs_argocd-operator/context.json new file mode 100644 index 0000000000..901aba7abb --- /dev/null +++ b/data/argoproj-labs_argocd-operator/context.json @@ -0,0 +1,12851 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "cert-manager.io/inject-ca-from": "argocd-operator-system/argocd-operator-serving-cert", + "controller-gen.kubebuilder.io/version": "v0.6.1" + }, + "creationTimestamp": "2024-03-09T02:51:18Z", + "generation": 2, + "name": "argocds.argoproj.io", + "resourceVersion": "865", + "uid": "21c74bde-d44e-4d85-a53b-59112c417964" + }, + "spec": { + "conversion": { + "strategy": "Webhook", + "webhook": { + "clientConfig": { + "caBundle": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURSRENDQWl5Z0F3SUJBZ0lSQVBQZE1qVzZUbU9RRUdCa09aUE9rVjB3RFFZSktvWklodmNOQVFFTEJRQXcKQURBZUZ3MHlOREF6TURrd01qVXhNVGhhRncweU5EQTJNRGN3TWpVeE1UaGFNQUF3Z2dFaU1BMEdDU3FHU0liMwpEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUNqUFo0QW5RTnp2K1pBOGFjNEJ6NUR5bzUzd0pZMzE3OW14UXgyCkhqc2doeXMyNjdva3pMVGl2RFlZS3BYekZkY3dYTHArTFRPUk43allQaGFrTlZTckt1dFRGdXpDNDNLcCtHK1YKQVdERTVwWE5PRzdVanJMUjA3bzVSSm5YVHJRK0g2dVRJWkRvZmpkbEdudU15Z0RFZ0dIWVZVYldnaWswQ3dKdwpSdVJzNS91aDZnalZEMUNZOXRQQk1xb1dOZFc0MVRvVEs3NStYTXdpaklYTWl2aFpuTlhnRjBBTmU4NHkyNFVOCm5oS0VMM0VLM1B5eW5TOXpoVjI4UGRTNFlydkN0dTFxeU92NUFRbnYvYzZ3L1pmRWNSdENDdWFlYWZ6bk5OMVAKUHlQQ3pTaEpmNGRwWXpTYTZxWFM5WGNhSVNXdVZleTlJOWdESEx2bFNuRjEvL2pmQWdNQkFBR2pnYmd3Z2JVdwpEZ1lEVlIwUEFRSC9CQVFEQWdXZ01Bd0dBMVVkRXdFQi93UUNNQUF3Z1pRR0ExVWRFUUVCL3dTQmlUQ0Job0k2CllYSm5iMk5rTFc5d1pYSmhkRzl5TFhkbFltaHZiMnN0YzJWeWRtbGpaUzVoY21kdlkyUXRiM0JsY21GMGIzSXQKYzNsemRHVnRMbk4yWTRKSVlYSm5iMk5rTFc5d1pYSmhkRzl5TFhkbFltaHZiMnN0YzJWeWRtbGpaUzVoY21kdgpZMlF0YjNCbGNtRjBiM0l0YzNsemRHVnRMbk4yWXk1amJIVnpkR1Z5TG14dlkyRnNNQTBHQ1NxR1NJYjNEUUVCCkN3VUFBNElCQVFDUzNkOStHcWU0T3pxSHlCM1NGWDNjM3ZSYk5mUXR0cmxpZUVkaDI1aXBTN2NJSEpiMkJ5QW8KMVZISGhIbm9yNXZLVGVaUEJXTmw0T1ZxUWJzeEluZW8yOHR0TjFFbzVORzFIazgrQXVKa2ZRL2VnT2c0TVN6MQpvaVQ3NlQxZndGL210c2NpdHNpelFoN3luV0NEempSWEg5UU9Wb3dwRnBpejFDdXM0RzIvbHVEYzRlSFNDd01NCnhPSEsxZk1JU2tZbjd4akl0RzVKaVN6a3RWZzVvK0FRRmg1TGJ4SkZuMGRoM29TRzVUTFVDczFuM3M1eU5ndGwKcW8veFRHQnM0eFdkckNPVnRiMmdhUnh0SzFxeE5SMStsS3lRL2JZYWdZZ3phc0dvc2hKOU1yWXFycG5TbjJPegozVTh5bTNBRk9XQWt6V1J6bHZnZVJBVDhCeDBFNTI0dwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==", + "service": { + "name": "argocd-operator-webhook-service", + "namespace": "argocd-operator-system", + "path": "/convert", + "port": 443 + } + }, + "conversionReviewVersions": [ + "v1alpha1", + "v1beta1" + ] + } + }, + "group": "argoproj.io", + "names": { + "kind": "ArgoCD", + "listKind": "ArgoCDList", + "plural": "argocds", + "singular": "argocd" + }, + "scope": "Namespaced", + "versions": [ + { + "deprecated": true, + "deprecationWarning": "ArgoCD v1alpha1 version is deprecated and will be converted to v1beta1 automatically. Moving forward, please use v1beta1 as the ArgoCD API version.", + "name": "v1alpha1", + "schema": { + "openAPIV3Schema": { + "description": "ArgoCD is the Schema for the argocds API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ArgoCDSpec defines the desired state of ArgoCD", + "properties": { + "applicationInstanceLabelKey": { + "description": "ApplicationInstanceLabelKey is the key name where Argo CD injects the app name as a tracking label.", + "type": "string" + }, + "applicationSet": { + "description": "ArgoCDApplicationSet defines whether the Argo CD ApplicationSet controller should be installed.", + "properties": { + "env": { + "description": "Env lets you specify environment for applicationSet controller pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "extraCommandArgs": { + "description": "ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments.", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the Argo CD ApplicationSet image (optional)", + "type": "string" + }, + "logLevel": { + "description": "LogLevel describes the log level that should be used by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for ApplicationSet.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Argo CD ApplicationSet image tag. (optional)", + "type": "string" + }, + "webhookServer": { + "description": "WebhookServerSpec defines the options for the ApplicationSet Webhook Server component.", + "properties": { + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Application set webhook component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Application set webhook component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "banner": { + "description": "Banner defines an additional banner to be displayed in Argo CD UI", + "properties": { + "content": { + "description": "Content defines the banner message content to display", + "type": "string" + }, + "url": { + "description": "URL defines an optional URL to be used as banner message link", + "type": "string" + } + }, + "required": [ + "content" + ], + "type": "object" + }, + "configManagementPlugins": { + "description": "ConfigManagementPlugins is used to specify additional config management plugins.", + "type": "string" + }, + "controller": { + "description": "Controller defines the Application Controller options for ArgoCD.", + "properties": { + "appSync": { + "description": "AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. \n Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency.", + "type": "string" + }, + "env": { + "description": "Env lets you specify environment for application controller pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "logFormat": { + "description": "LogFormat refers to the log format used by the Application Controller component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.", + "type": "string" + }, + "logLevel": { + "description": "LogLevel refers to the log level used by the Application Controller component. Defaults to ArgoCDDefaultLogLevel if not configured. Valid options are debug, info, error, and warn.", + "type": "string" + }, + "parallelismLimit": { + "description": "ParallelismLimit defines the limit for parallel kubectl operations", + "format": "int32", + "type": "integer" + }, + "processors": { + "description": "Processors contains the options for the Application Controller processors.", + "properties": { + "operation": { + "description": "Operation is the number of application operation processors.", + "format": "int32", + "type": "integer" + }, + "status": { + "description": "Status is the number of application status processors.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for the Application Controller.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "sharding": { + "description": "Sharding contains the options for the Application Controller sharding configuration.", + "properties": { + "clustersPerShard": { + "description": "ClustersPerShard defines the maximum number of clusters managed by each argocd shard", + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "dynamicScalingEnabled": { + "description": "DynamicScalingEnabled defines whether dynamic scaling should be enabled for Application Controller component", + "type": "boolean" + }, + "enabled": { + "description": "Enabled defines whether sharding should be enabled on the Application Controller component.", + "type": "boolean" + }, + "maxShards": { + "description": "MaxShards defines the maximum number of shards at any given point", + "format": "int32", + "type": "integer" + }, + "minShards": { + "description": "MinShards defines the minimum number of shards at any given point", + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "replicas": { + "description": "Replicas defines the number of replicas to run in the Application controller shard.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "dex": { + "description": "Deprecated field. Support dropped in v1beta1 version. Dex defines the Dex server options for ArgoCD.", + "properties": { + "config": { + "description": "Config is the dex connector configuration.", + "type": "string" + }, + "groups": { + "description": "Optional list of required groups a user must be a member of", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the Dex container image.", + "type": "string" + }, + "openShiftOAuth": { + "description": "OpenShiftOAuth enables OpenShift OAuth authentication for the Dex server.", + "type": "boolean" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Dex.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Dex container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "disableAdmin": { + "description": "DisableAdmin will disable the admin user.", + "type": "boolean" + }, + "extraConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. \n Note: ExtraConfig takes precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] = true.", + "type": "object" + }, + "gaAnonymizeUsers": { + "description": "GAAnonymizeUsers toggles user IDs being hashed before sending to google analytics.", + "type": "boolean" + }, + "gaTrackingID": { + "description": "GATrackingID is the google analytics tracking ID to use.", + "type": "string" + }, + "grafana": { + "description": "Grafana defines the Grafana server options for ArgoCD.", + "properties": { + "enabled": { + "description": "Enabled will toggle Grafana support globally for ArgoCD.", + "type": "boolean" + }, + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "image": { + "description": "Image is the Grafana container image.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Grafana component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Grafana.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Grafana component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "size": { + "description": "Size is the replica count for the Grafana Deployment.", + "format": "int32", + "type": "integer" + }, + "version": { + "description": "Version is the Grafana container image tag.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "ha": { + "description": "HA options for High Availability support for the Redis component.", + "properties": { + "enabled": { + "description": "Enabled will toggle HA support globally for Argo CD.", + "type": "boolean" + }, + "redisProxyImage": { + "description": "RedisProxyImage is the Redis HAProxy container image.", + "type": "string" + }, + "redisProxyVersion": { + "description": "RedisProxyVersion is the Redis HAProxy container image tag.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for HA.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "helpChatText": { + "description": "HelpChatText is the text for getting chat help, defaults to \"Chat now!\"", + "type": "string" + }, + "helpChatURL": { + "description": "HelpChatURL is the URL for getting chat help, this will typically be your Slack channel for support.", + "type": "string" + }, + "image": { + "description": "Image is the ArgoCD container image for all ArgoCD components.", + "type": "string" + }, + "import": { + "description": "Import is the import/restore options for ArgoCD.", + "properties": { + "name": { + "description": "Name of an ArgoCDExport from which to import data.", + "type": "string" + }, + "namespace": { + "description": "Namespace for the ArgoCDExport, defaults to the same namespace as the ArgoCD.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "initialRepositories": { + "description": "InitialRepositories to configure Argo CD with upon creation of the cluster.", + "type": "string" + }, + "initialSSHKnownHosts": { + "description": "InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH.", + "properties": { + "excludedefaulthosts": { + "description": "ExcludeDefaultHosts describes whether you would like to include the default list of SSH Known Hosts provided by ArgoCD.", + "type": "boolean" + }, + "keys": { + "description": "Keys describes a custom set of SSH Known Hosts that you would like to have included in your ArgoCD server.", + "type": "string" + } + }, + "type": "object" + }, + "kustomizeBuildOptions": { + "description": "KustomizeBuildOptions is used to specify build options/parameters to use with `kustomize build`.", + "type": "string" + }, + "kustomizeVersions": { + "description": "KustomizeVersions is a listing of configured versions of Kustomize to be made available within ArgoCD.", + "items": { + "description": "KustomizeVersionSpec is used to specify information about a kustomize version to be used within ArgoCD.", + "properties": { + "path": { + "description": "Path is the path to a configured kustomize version on the filesystem of your repo server.", + "type": "string" + }, + "version": { + "description": "Version is a configured kustomize version in the format of vX.Y.Z", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "monitoring": { + "description": "Monitoring defines whether workload status monitoring configuration for this instance.", + "properties": { + "enabled": { + "description": "Enabled defines whether workload status monitoring is enabled for this instance or not", + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "nodePlacement": { + "description": "NodePlacement defines NodeSelectors and Taints for Argo CD workloads", + "properties": { + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector is a field of PodSpec, it is a map of key value pairs used for node selection", + "type": "object" + }, + "tolerations": { + "description": "Tolerations allow the pods to schedule onto nodes with matching taints", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "notifications": { + "description": "Notifications defines whether the Argo CD Notifications controller should be installed.", + "properties": { + "enabled": { + "description": "Enabled defines whether argocd-notifications controller should be deployed or not", + "type": "boolean" + }, + "env": { + "description": "Env let you specify environment variables for Notifications pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Image is the Argo CD Notifications image (optional)", + "type": "string" + }, + "logLevel": { + "description": "LogLevel describes the log level that should be used by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.", + "type": "string" + }, + "replicas": { + "description": "Replicas defines the number of replicas to run for notifications-controller", + "format": "int32", + "type": "integer" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Argo CD Notifications.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Argo CD Notifications image tag. (optional)", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "oidcConfig": { + "description": "OIDCConfig is the OIDC configuration as an alternative to dex.", + "type": "string" + }, + "prometheus": { + "description": "Prometheus defines the Prometheus server options for ArgoCD.", + "properties": { + "enabled": { + "description": "Enabled will toggle Prometheus support globally for ArgoCD.", + "type": "boolean" + }, + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Prometheus component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Prometheus component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "size": { + "description": "Size is the replica count for the Prometheus StatefulSet.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "rbac": { + "description": "RBAC defines the RBAC configuration for Argo CD.", + "properties": { + "defaultPolicy": { + "description": "DefaultPolicy is the name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc...", + "type": "string" + }, + "policy": { + "description": "Policy is CSV containing user-defined RBAC policies and role definitions. Policy rules are in the form: p, subject, resource, action, object, effect Role definitions and bindings are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.", + "type": "string" + }, + "policyMatcherMode": { + "description": "PolicyMatcherMode configures the matchers function mode for casbin. There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher.", + "type": "string" + }, + "scopes": { + "description": "Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). If omitted, defaults to: '[groups]'.", + "type": "string" + } + }, + "type": "object" + }, + "redis": { + "description": "Redis defines the Redis server options for ArgoCD.", + "properties": { + "autotls": { + "description": "AutoTLS specifies the method to use for automatic TLS configuration for the redis server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config", + "type": "string" + }, + "disableTLSVerification": { + "description": "DisableTLSVerification defines whether redis server API should be accessed using strict TLS validation", + "type": "boolean" + }, + "image": { + "description": "Image is the Redis container image.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Redis.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Redis container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "repo": { + "description": "Repo defines the repo server options for Argo CD.", + "properties": { + "autotls": { + "description": "AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config", + "type": "string" + }, + "env": { + "description": "Env lets you specify environment for repo server pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "execTimeout": { + "description": "ExecTimeout specifies the timeout in seconds for tool execution", + "type": "integer" + }, + "extraRepoCommandArgs": { + "description": "Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments.", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the ArgoCD Repo Server container image.", + "type": "string" + }, + "initContainers": { + "description": "InitContainers defines the list of initialization containers for the repo server deployment", + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "logFormat": { + "description": "LogFormat describes the log format that should be used by the Repo Server. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.", + "type": "string" + }, + "logLevel": { + "description": "LogLevel describes the log level that should be used by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug, info, error, and warn.", + "type": "string" + }, + "mountsatoken": { + "description": "MountSAToken describes whether you would like to have the Repo server mount the service account token", + "type": "boolean" + }, + "replicas": { + "description": "Replicas defines the number of replicas for argocd-repo-server. Value should be greater than or equal to 0. Default is nil.", + "format": "int32", + "type": "integer" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Redis.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "serviceaccount": { + "description": "ServiceAccount defines the ServiceAccount user that you would like the Repo server to use", + "type": "string" + }, + "sidecarContainers": { + "description": "SidecarContainers defines the list of sidecar containers for the repo server deployment", + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "verifytls": { + "description": "VerifyTLS defines whether repo server API should be accessed using strict TLS validation", + "type": "boolean" + }, + "version": { + "description": "Version is the ArgoCD Repo Server container image tag.", + "type": "string" + }, + "volumeMounts": { + "description": "VolumeMounts adds volumeMounts to the repo server container", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumes": { + "description": "Volumes adds volumes to the repo server deployment", + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "repositoryCredentials": { + "description": "RepositoryCredentials are the Git pull credentials to configure Argo CD with upon creation of the cluster.", + "type": "string" + }, + "resourceActions": { + "description": "ResourceActions customizes resource action behavior.", + "items": { + "description": "Resource Customization for custom action", + "properties": { + "action": { + "type": "string" + }, + "group": { + "type": "string" + }, + "kind": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "resourceCustomizations": { + "description": "Deprecated field. Support dropped in v1beta1 version. ResourceCustomizations customizes resource behavior. Keys are in the form: group/Kind. Please note that this is being deprecated in favor of ResourceHealthChecks, ResourceIgnoreDifferences, and ResourceActions.", + "type": "string" + }, + "resourceExclusions": { + "description": "ResourceExclusions is used to completely ignore entire classes of resource group/kinds.", + "type": "string" + }, + "resourceHealthChecks": { + "description": "ResourceHealthChecks customizes resource health check behavior.", + "items": { + "description": "Resource Customization for custom health check", + "properties": { + "check": { + "type": "string" + }, + "group": { + "type": "string" + }, + "kind": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "resourceIgnoreDifferences": { + "description": "ResourceIgnoreDifferences customizes resource ignore difference behavior.", + "properties": { + "all": { + "properties": { + "jqPathExpressions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "jsonPointers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "managedFieldsManagers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "resourceIdentifiers": { + "items": { + "description": "Resource Customization fields for ignore difference", + "properties": { + "customization": { + "properties": { + "jqPathExpressions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "jsonPointers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "managedFieldsManagers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "group": { + "type": "string" + }, + "kind": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "resourceInclusions": { + "description": "ResourceInclusions is used to only include specific group/kinds in the reconciliation process.", + "type": "string" + }, + "resourceTrackingMethod": { + "description": "ResourceTrackingMethod defines how Argo CD should track resources that it manages", + "type": "string" + }, + "server": { + "description": "Server defines the options for the ArgoCD Server component.", + "properties": { + "autoscale": { + "description": "Autoscale defines the autoscale options for the Argo CD Server component.", + "properties": { + "enabled": { + "description": "Enabled will toggle autoscaling support for the Argo CD Server component.", + "type": "boolean" + }, + "hpa": { + "description": "HPA defines the HorizontalPodAutoscaler options for the Argo CD Server component.", + "properties": { + "maxReplicas": { + "description": "maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.", + "format": "int32", + "type": "integer" + }, + "minReplicas": { + "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available.", + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "description": "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource.", + "properties": { + "apiVersion": { + "description": "apiVersion is the API version of the referent", + "type": "string" + }, + "kind": { + "description": "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "targetCPUUtilizationPercentage": { + "description": "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "maxReplicas", + "scaleTargetRef" + ], + "type": "object" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "env": { + "description": "Env lets you specify environment for API server pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "extraCommandArgs": { + "description": "Extra Command arguments that would append to the Argo CD server command. ExtraCommandArgs will not be added, if one of these commands is already part of the server command with same or different value.", + "items": { + "type": "string" + }, + "type": "array" + }, + "grpc": { + "description": "GRPC defines the state for the Argo CD Server GRPC options.", + "properties": { + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for the Argo CD Server GRPC Ingress.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "type": "object" + }, + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Argo CD Server component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "insecure": { + "description": "Insecure toggles the insecure flag.", + "type": "boolean" + }, + "logFormat": { + "description": "LogFormat refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.", + "type": "string" + }, + "logLevel": { + "description": "LogLevel refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug, info, error, and warn.", + "type": "string" + }, + "replicas": { + "description": "Replicas defines the number of replicas for argocd-server. Default is nil. Value should be greater than or equal to 0. Value will be ignored if Autoscaler is enabled.", + "format": "int32", + "type": "integer" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for the Argo CD server component.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Argo CD Server component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "service": { + "description": "Service defines the options for the Service backing the ArgoCD Server component.", + "properties": { + "type": { + "description": "Type is the ServiceType to use for the Service resource.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "type": "object" + }, + "sourceNamespaces": { + "description": "SourceNamespaces defines the namespaces application resources are allowed to be created in", + "items": { + "type": "string" + }, + "type": "array" + }, + "sso": { + "description": "SSO defines the Single Sign-on configuration for Argo CD", + "properties": { + "dex": { + "description": "Dex contains the configuration for Argo CD dex authentication", + "properties": { + "config": { + "description": "Config is the dex connector configuration.", + "type": "string" + }, + "groups": { + "description": "Optional list of required groups a user must be a member of", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the Dex container image.", + "type": "string" + }, + "openShiftOAuth": { + "description": "OpenShiftOAuth enables OpenShift OAuth authentication for the Dex server.", + "type": "boolean" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Dex.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Dex container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "image": { + "description": "Deprecated field. Support dropped in v1beta1 version. Image is the SSO container image.", + "type": "string" + }, + "keycloak": { + "description": "Keycloak contains the configuration for Argo CD keycloak authentication", + "properties": { + "image": { + "description": "Image is the Keycloak container image.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Keycloak.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "rootCA": { + "description": "Custom root CA certificate for communicating with the Keycloak OIDC provider", + "type": "string" + }, + "verifyTLS": { + "description": "VerifyTLS set to false disables strict TLS validation.", + "type": "boolean" + }, + "version": { + "description": "Version is the Keycloak container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "provider": { + "description": "Provider installs and configures the given SSO Provider with Argo CD.", + "type": "string" + }, + "resources": { + "description": "Deprecated field. Support dropped in v1beta1 version. Resources defines the Compute Resources required by the container for SSO.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "verifyTLS": { + "description": "Deprecated field. Support dropped in v1beta1 version. VerifyTLS set to false disables strict TLS validation.", + "type": "boolean" + }, + "version": { + "description": "Deprecated field. Support dropped in v1beta1 version. Version is the SSO container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "statusBadgeEnabled": { + "description": "StatusBadgeEnabled toggles application status badge feature.", + "type": "boolean" + }, + "tls": { + "description": "TLS defines the TLS options for ArgoCD.", + "properties": { + "ca": { + "description": "CA defines the CA options.", + "properties": { + "configMapName": { + "description": "ConfigMapName is the name of the ConfigMap containing the CA Certificate.", + "type": "string" + }, + "secretName": { + "description": "SecretName is the name of the Secret containing the CA Certificate and Key.", + "type": "string" + } + }, + "type": "object" + }, + "initialCerts": { + "additionalProperties": { + "type": "string" + }, + "description": "InitialCerts defines custom TLS certificates upon creation of the cluster for connecting Git repositories via HTTPS.", + "type": "object" + } + }, + "type": "object" + }, + "usersAnonymousEnabled": { + "description": "UsersAnonymousEnabled toggles anonymous user access. The anonymous users get default role permissions specified argocd-rbac-cm.", + "type": "boolean" + }, + "version": { + "description": "Version is the tag to use with the ArgoCD container image for all ArgoCD components.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "ArgoCDStatus defines the observed state of ArgoCD", + "properties": { + "applicationController": { + "description": "ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. There are four possible ApplicationController values: Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD application controller component are in a Ready state. Failed: At least one of the Argo CD application controller component Pods had a failure. Unknown: The state of the Argo CD application controller component could not be obtained.", + "type": "string" + }, + "applicationSetController": { + "description": "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. There are four possible ApplicationSetController values: Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. Unknown: The state of the Argo CD applicationSet controller component could not be obtained.", + "type": "string" + }, + "host": { + "description": "Host is the hostname of the Ingress.", + "type": "string" + }, + "notificationsController": { + "description": "NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. There are four possible NotificationsController values: Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. Failed: At least one of the Argo CD notifications controller component Pods had a failure. Unknown: The state of the Argo CD notifications controller component could not be obtained.", + "type": "string" + }, + "phase": { + "description": "Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. There are four possible phase values: Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Available: All of the resources for the ArgoCD are ready. Failed: At least one resource has experienced a failure. Unknown: The state of the ArgoCD phase could not be obtained.", + "type": "string" + }, + "redis": { + "description": "Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. There are four possible redis values: Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Redis component are in a Ready state. Failed: At least one of the Argo CD Redis component Pods had a failure. Unknown: The state of the Argo CD Redis component could not be obtained.", + "type": "string" + }, + "redisTLSChecksum": { + "description": "RedisTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-operator-redis-tls secret.", + "type": "string" + }, + "repo": { + "description": "Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. There are four possible repo values: Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Repo component are in a Ready state. Failed: At least one of the Argo CD Repo component Pods had a failure. Unknown: The state of the Argo CD Repo component could not be obtained.", + "type": "string" + }, + "repoTLSChecksum": { + "description": "RepoTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-repo-server-tls secret.", + "type": "string" + }, + "server": { + "description": "Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. There are four possible server values: Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD server component are in a Ready state. Failed: At least one of the Argo CD server component Pods had a failure. Unknown: The state of the Argo CD server component could not be obtained.", + "type": "string" + }, + "sso": { + "description": "SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. There are four possible sso values: Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD SSO component are in a Ready state. Failed: At least one of the Argo CD SSO component Pods had a failure. Unknown: The state of the Argo CD SSO component could not be obtained.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "served": true, + "storage": false, + "subresources": { + "status": {} + } + }, + { + "name": "v1beta1", + "schema": { + "openAPIV3Schema": { + "description": "ArgoCD is the Schema for the argocds API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ArgoCDSpec defines the desired state of ArgoCD", + "properties": { + "applicationInstanceLabelKey": { + "description": "ApplicationInstanceLabelKey is the key name where Argo CD injects the app name as a tracking label.", + "type": "string" + }, + "applicationSet": { + "description": "ArgoCDApplicationSet defines whether the Argo CD ApplicationSet controller should be installed.", + "properties": { + "env": { + "description": "Env lets you specify environment for applicationSet controller pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "extraCommandArgs": { + "description": "ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments.", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the Argo CD ApplicationSet image (optional)", + "type": "string" + }, + "logLevel": { + "description": "LogLevel describes the log level that should be used by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for ApplicationSet.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "scmRootCAConfigMap": { + "description": "SCMRootCAConfigMap is the name of the config map that stores the Gitlab SCM Provider's TLS certificate which will be mounted on the ApplicationSet Controller (optional).", + "type": "string" + }, + "version": { + "description": "Version is the Argo CD ApplicationSet image tag. (optional)", + "type": "string" + }, + "webhookServer": { + "description": "WebhookServerSpec defines the options for the ApplicationSet Webhook Server component.", + "properties": { + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Application set webhook component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Application set webhook component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "banner": { + "description": "Banner defines an additional banner to be displayed in Argo CD UI", + "properties": { + "content": { + "description": "Content defines the banner message content to display", + "type": "string" + }, + "url": { + "description": "URL defines an optional URL to be used as banner message link", + "type": "string" + } + }, + "required": [ + "content" + ], + "type": "object" + }, + "configManagementPlugins": { + "description": "ConfigManagementPlugins is used to specify additional config management plugins.", + "type": "string" + }, + "controller": { + "description": "Controller defines the Application Controller options for ArgoCD.", + "properties": { + "appSync": { + "description": "AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. \n Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency.", + "type": "string" + }, + "env": { + "description": "Env lets you specify environment for application controller pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "logFormat": { + "description": "LogFormat refers to the log format used by the Application Controller component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.", + "type": "string" + }, + "logLevel": { + "description": "LogLevel refers to the log level used by the Application Controller component. Defaults to ArgoCDDefaultLogLevel if not configured. Valid options are debug, info, error, and warn.", + "type": "string" + }, + "parallelismLimit": { + "description": "ParallelismLimit defines the limit for parallel kubectl operations", + "format": "int32", + "type": "integer" + }, + "processors": { + "description": "Processors contains the options for the Application Controller processors.", + "properties": { + "operation": { + "description": "Operation is the number of application operation processors.", + "format": "int32", + "type": "integer" + }, + "status": { + "description": "Status is the number of application status processors.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for the Application Controller.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "sharding": { + "description": "Sharding contains the options for the Application Controller sharding configuration.", + "properties": { + "clustersPerShard": { + "description": "ClustersPerShard defines the maximum number of clusters managed by each argocd shard", + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "dynamicScalingEnabled": { + "description": "DynamicScalingEnabled defines whether dynamic scaling should be enabled for Application Controller component", + "type": "boolean" + }, + "enabled": { + "description": "Enabled defines whether sharding should be enabled on the Application Controller component.", + "type": "boolean" + }, + "maxShards": { + "description": "MaxShards defines the maximum number of shards at any given point", + "format": "int32", + "type": "integer" + }, + "minShards": { + "description": "MinShards defines the minimum number of shards at any given point", + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "replicas": { + "description": "Replicas defines the number of replicas to run in the Application controller shard.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "disableAdmin": { + "description": "DisableAdmin will disable the admin user.", + "type": "boolean" + }, + "extraConfig": { + "additionalProperties": { + "type": "string" + }, + "description": "ExtraConfig can be used to add fields to Argo CD configmap that are not supported by Argo CD CRD. \n Note: ExtraConfig takes precedence over Argo CD CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also `a.Spec.ExtraConfig[\"admin.enabled\"]` = true. In this case, operator updates Argo CD Configmap as follows -> argocd-cm.Data[\"admin.enabled\"] = true.", + "type": "object" + }, + "gaAnonymizeUsers": { + "description": "GAAnonymizeUsers toggles user IDs being hashed before sending to google analytics.", + "type": "boolean" + }, + "gaTrackingID": { + "description": "GATrackingID is the google analytics tracking ID to use.", + "type": "string" + }, + "grafana": { + "description": "Grafana defines the Grafana server options for ArgoCD.", + "properties": { + "enabled": { + "description": "Enabled will toggle Grafana support globally for ArgoCD.", + "type": "boolean" + }, + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "image": { + "description": "Image is the Grafana container image.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Grafana component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Grafana.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Grafana component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "size": { + "description": "Size is the replica count for the Grafana Deployment.", + "format": "int32", + "type": "integer" + }, + "version": { + "description": "Version is the Grafana container image tag.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "ha": { + "description": "HA options for High Availability support for the Redis component.", + "properties": { + "enabled": { + "description": "Enabled will toggle HA support globally for Argo CD.", + "type": "boolean" + }, + "redisProxyImage": { + "description": "RedisProxyImage is the Redis HAProxy container image.", + "type": "string" + }, + "redisProxyVersion": { + "description": "RedisProxyVersion is the Redis HAProxy container image tag.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for HA.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "helpChatText": { + "description": "HelpChatText is the text for getting chat help, defaults to \"Chat now!\"", + "type": "string" + }, + "helpChatURL": { + "description": "HelpChatURL is the URL for getting chat help, this will typically be your Slack channel for support.", + "type": "string" + }, + "image": { + "description": "Image is the ArgoCD container image for all ArgoCD components.", + "type": "string" + }, + "import": { + "description": "Import is the import/restore options for ArgoCD.", + "properties": { + "name": { + "description": "Name of an ArgoCDExport from which to import data.", + "type": "string" + }, + "namespace": { + "description": "Namespace for the ArgoCDExport, defaults to the same namespace as the ArgoCD.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "initialRepositories": { + "description": "InitialRepositories to configure Argo CD with upon creation of the cluster.", + "type": "string" + }, + "initialSSHKnownHosts": { + "description": "InitialSSHKnownHosts defines the SSH known hosts data upon creation of the cluster for connecting Git repositories via SSH.", + "properties": { + "excludedefaulthosts": { + "description": "ExcludeDefaultHosts describes whether you would like to include the default list of SSH Known Hosts provided by ArgoCD.", + "type": "boolean" + }, + "keys": { + "description": "Keys describes a custom set of SSH Known Hosts that you would like to have included in your ArgoCD server.", + "type": "string" + } + }, + "type": "object" + }, + "kustomizeBuildOptions": { + "description": "KustomizeBuildOptions is used to specify build options/parameters to use with `kustomize build`.", + "type": "string" + }, + "kustomizeVersions": { + "description": "KustomizeVersions is a listing of configured versions of Kustomize to be made available within ArgoCD.", + "items": { + "description": "KustomizeVersionSpec is used to specify information about a kustomize version to be used within ArgoCD.", + "properties": { + "path": { + "description": "Path is the path to a configured kustomize version on the filesystem of your repo server.", + "type": "string" + }, + "version": { + "description": "Version is a configured kustomize version in the format of vX.Y.Z", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "monitoring": { + "description": "Monitoring defines whether workload status monitoring configuration for this instance.", + "properties": { + "enabled": { + "description": "Enabled defines whether workload status monitoring is enabled for this instance or not", + "type": "boolean" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "nodePlacement": { + "description": "NodePlacement defines NodeSelectors and Taints for Argo CD workloads", + "properties": { + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector is a field of PodSpec, it is a map of key value pairs used for node selection", + "type": "object" + }, + "tolerations": { + "description": "Tolerations allow the pods to schedule onto nodes with matching taints", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "notifications": { + "description": "Notifications defines whether the Argo CD Notifications controller should be installed.", + "properties": { + "enabled": { + "description": "Enabled defines whether argocd-notifications controller should be deployed or not", + "type": "boolean" + }, + "env": { + "description": "Env let you specify environment variables for Notifications pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Image is the Argo CD Notifications image (optional)", + "type": "string" + }, + "logLevel": { + "description": "LogLevel describes the log level that should be used by the argocd-notifications. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.", + "type": "string" + }, + "replicas": { + "description": "Replicas defines the number of replicas to run for notifications-controller", + "format": "int32", + "type": "integer" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Argo CD Notifications.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Argo CD Notifications image tag. (optional)", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "oidcConfig": { + "description": "OIDCConfig is the OIDC configuration as an alternative to dex.", + "type": "string" + }, + "prometheus": { + "description": "Prometheus defines the Prometheus server options for ArgoCD.", + "properties": { + "enabled": { + "description": "Enabled will toggle Prometheus support globally for ArgoCD.", + "type": "boolean" + }, + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Prometheus component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Prometheus component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "size": { + "description": "Size is the replica count for the Prometheus StatefulSet.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "rbac": { + "description": "RBAC defines the RBAC configuration for Argo CD.", + "properties": { + "defaultPolicy": { + "description": "DefaultPolicy is the name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc...", + "type": "string" + }, + "policy": { + "description": "Policy is CSV containing user-defined RBAC policies and role definitions. Policy rules are in the form: p, subject, resource, action, object, effect Role definitions and bindings are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.", + "type": "string" + }, + "policyMatcherMode": { + "description": "PolicyMatcherMode configures the matchers function mode for casbin. There are two options for this, 'glob' for glob matcher or 'regex' for regex matcher.", + "type": "string" + }, + "scopes": { + "description": "Scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). If omitted, defaults to: '[groups]'.", + "type": "string" + } + }, + "type": "object" + }, + "redis": { + "description": "Redis defines the Redis server options for ArgoCD.", + "properties": { + "autotls": { + "description": "AutoTLS specifies the method to use for automatic TLS configuration for the redis server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config", + "type": "string" + }, + "disableTLSVerification": { + "description": "DisableTLSVerification defines whether redis server API should be accessed using strict TLS validation", + "type": "boolean" + }, + "image": { + "description": "Image is the Redis container image.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Redis.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Redis container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "repo": { + "description": "Repo defines the repo server options for Argo CD.", + "properties": { + "autotls": { + "description": "AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config", + "type": "string" + }, + "env": { + "description": "Env lets you specify environment for repo server pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "execTimeout": { + "description": "ExecTimeout specifies the timeout in seconds for tool execution", + "type": "integer" + }, + "extraRepoCommandArgs": { + "description": "Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments.", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the ArgoCD Repo Server container image.", + "type": "string" + }, + "initContainers": { + "description": "InitContainers defines the list of initialization containers for the repo server deployment", + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "logFormat": { + "description": "LogFormat describes the log format that should be used by the Repo Server. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.", + "type": "string" + }, + "logLevel": { + "description": "LogLevel describes the log level that should be used by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug, info, error, and warn.", + "type": "string" + }, + "mountsatoken": { + "description": "MountSAToken describes whether you would like to have the Repo server mount the service account token", + "type": "boolean" + }, + "replicas": { + "description": "Replicas defines the number of replicas for argocd-repo-server. Value should be greater than or equal to 0. Default is nil.", + "format": "int32", + "type": "integer" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Redis.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "serviceaccount": { + "description": "ServiceAccount defines the ServiceAccount user that you would like the Repo server to use", + "type": "string" + }, + "sidecarContainers": { + "description": "SidecarContainers defines the list of sidecar containers for the repo server deployment", + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "verifytls": { + "description": "VerifyTLS defines whether repo server API should be accessed using strict TLS validation", + "type": "boolean" + }, + "version": { + "description": "Version is the ArgoCD Repo Server container image tag.", + "type": "string" + }, + "volumeMounts": { + "description": "VolumeMounts adds volumeMounts to the repo server container", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumes": { + "description": "Volumes adds volumes to the repo server deployment", + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "repositoryCredentials": { + "description": "RepositoryCredentials are the Git pull credentials to configure Argo CD with upon creation of the cluster.", + "type": "string" + }, + "resourceActions": { + "description": "ResourceActions customizes resource action behavior.", + "items": { + "description": "Resource Customization for custom action", + "properties": { + "action": { + "type": "string" + }, + "group": { + "type": "string" + }, + "kind": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "resourceExclusions": { + "description": "ResourceExclusions is used to completely ignore entire classes of resource group/kinds.", + "type": "string" + }, + "resourceHealthChecks": { + "description": "ResourceHealthChecks customizes resource health check behavior.", + "items": { + "description": "Resource Customization for custom health check", + "properties": { + "check": { + "type": "string" + }, + "group": { + "type": "string" + }, + "kind": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "resourceIgnoreDifferences": { + "description": "ResourceIgnoreDifferences customizes resource ignore difference behavior.", + "properties": { + "all": { + "properties": { + "jqPathExpressions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "jsonPointers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "managedFieldsManagers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "resourceIdentifiers": { + "items": { + "description": "Resource Customization fields for ignore difference", + "properties": { + "customization": { + "properties": { + "jqPathExpressions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "jsonPointers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "managedFieldsManagers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "group": { + "type": "string" + }, + "kind": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "resourceInclusions": { + "description": "ResourceInclusions is used to only include specific group/kinds in the reconciliation process.", + "type": "string" + }, + "resourceTrackingMethod": { + "description": "ResourceTrackingMethod defines how Argo CD should track resources that it manages", + "type": "string" + }, + "server": { + "description": "Server defines the options for the ArgoCD Server component.", + "properties": { + "autoscale": { + "description": "Autoscale defines the autoscale options for the Argo CD Server component.", + "properties": { + "enabled": { + "description": "Enabled will toggle autoscaling support for the Argo CD Server component.", + "type": "boolean" + }, + "hpa": { + "description": "HPA defines the HorizontalPodAutoscaler options for the Argo CD Server component.", + "properties": { + "maxReplicas": { + "description": "maxReplicas is the upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.", + "format": "int32", + "type": "integer" + }, + "minReplicas": { + "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available.", + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "description": "reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource.", + "properties": { + "apiVersion": { + "description": "apiVersion is the API version of the referent", + "type": "string" + }, + "kind": { + "description": "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "targetCPUUtilizationPercentage": { + "description": "targetCPUUtilizationPercentage is the target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "maxReplicas", + "scaleTargetRef" + ], + "type": "object" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "env": { + "description": "Env lets you specify environment for API server pods", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "extraCommandArgs": { + "description": "Extra Command arguments that would append to the Argo CD server command. ExtraCommandArgs will not be added, if one of these commands is already part of the server command with same or different value.", + "items": { + "type": "string" + }, + "type": "array" + }, + "grpc": { + "description": "GRPC defines the state for the Argo CD Server GRPC options.", + "properties": { + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for the Argo CD Server GRPC Ingress.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "type": "object" + }, + "host": { + "description": "Host is the hostname to use for Ingress/Route resources.", + "type": "string" + }, + "ingress": { + "description": "Ingress defines the desired state for an Ingress for the Argo CD Server component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to apply to the Ingress.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the Ingress.", + "type": "boolean" + }, + "ingressClassName": { + "description": "IngressClassName for the Ingress resource.", + "type": "string" + }, + "path": { + "description": "Path used for the Ingress resource.", + "type": "string" + }, + "tls": { + "description": "TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "insecure": { + "description": "Insecure toggles the insecure flag.", + "type": "boolean" + }, + "logFormat": { + "description": "LogFormat refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.", + "type": "string" + }, + "logLevel": { + "description": "LogLevel refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug, info, error, and warn.", + "type": "string" + }, + "replicas": { + "description": "Replicas defines the number of replicas for argocd-server. Default is nil. Value should be greater than or equal to 0. Value will be ignored if Autoscaler is enabled.", + "format": "int32", + "type": "integer" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for the Argo CD server component.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "route": { + "description": "Route defines the desired state for an OpenShift Route for the Argo CD Server component.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is the map of annotations to use for the Route resource.", + "type": "object" + }, + "enabled": { + "description": "Enabled will toggle the creation of the OpenShift Route.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels is the map of labels to use for the Route resource", + "type": "object" + }, + "path": { + "description": "Path the router watches for, to route traffic for to the service.", + "type": "string" + }, + "tls": { + "description": "TLS provides the ability to configure certificates and termination for the Route.", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed.", + "type": "string" + } + }, + "required": [ + "enabled" + ], + "type": "object" + }, + "service": { + "description": "Service defines the options for the Service backing the ArgoCD Server component.", + "properties": { + "type": { + "description": "Type is the ServiceType to use for the Service resource.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "type": "object" + }, + "sourceNamespaces": { + "description": "SourceNamespaces defines the namespaces application resources are allowed to be created in", + "items": { + "type": "string" + }, + "type": "array" + }, + "sso": { + "description": "SSO defines the Single Sign-on configuration for Argo CD", + "properties": { + "dex": { + "description": "Dex contains the configuration for Argo CD dex authentication", + "properties": { + "config": { + "description": "Config is the dex connector configuration.", + "type": "string" + }, + "groups": { + "description": "Optional list of required groups a user must be a member of", + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "description": "Image is the Dex container image.", + "type": "string" + }, + "openShiftOAuth": { + "description": "OpenShiftOAuth enables OpenShift OAuth authentication for the Dex server.", + "type": "boolean" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Dex.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "version": { + "description": "Version is the Dex container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "keycloak": { + "description": "Keycloak contains the configuration for Argo CD keycloak authentication", + "properties": { + "image": { + "description": "Image is the Keycloak container image.", + "type": "string" + }, + "resources": { + "description": "Resources defines the Compute Resources required by the container for Keycloak.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "rootCA": { + "description": "Custom root CA certificate for communicating with the Keycloak OIDC provider", + "type": "string" + }, + "verifyTLS": { + "description": "VerifyTLS set to false disables strict TLS validation.", + "type": "boolean" + }, + "version": { + "description": "Version is the Keycloak container image tag.", + "type": "string" + } + }, + "type": "object" + }, + "provider": { + "description": "Provider installs and configures the given SSO Provider with Argo CD.", + "type": "string" + } + }, + "type": "object" + }, + "statusBadgeEnabled": { + "description": "StatusBadgeEnabled toggles application status badge feature.", + "type": "boolean" + }, + "tls": { + "description": "TLS defines the TLS options for ArgoCD.", + "properties": { + "ca": { + "description": "CA defines the CA options.", + "properties": { + "configMapName": { + "description": "ConfigMapName is the name of the ConfigMap containing the CA Certificate.", + "type": "string" + }, + "secretName": { + "description": "SecretName is the name of the Secret containing the CA Certificate and Key.", + "type": "string" + } + }, + "type": "object" + }, + "initialCerts": { + "additionalProperties": { + "type": "string" + }, + "description": "InitialCerts defines custom TLS certificates upon creation of the cluster for connecting Git repositories via HTTPS.", + "type": "object" + } + }, + "type": "object" + }, + "usersAnonymousEnabled": { + "description": "UsersAnonymousEnabled toggles anonymous user access. The anonymous users get default role permissions specified argocd-rbac-cm.", + "type": "boolean" + }, + "version": { + "description": "Version is the tag to use with the ArgoCD container image for all ArgoCD components.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "ArgoCDStatus defines the observed state of ArgoCD", + "properties": { + "applicationController": { + "description": "ApplicationController is a simple, high-level summary of where the Argo CD application controller component is in its lifecycle. There are four possible ApplicationController values: Pending: The Argo CD application controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD application controller component are in a Ready state. Failed: At least one of the Argo CD application controller component Pods had a failure. Unknown: The state of the Argo CD application controller component could not be obtained.", + "type": "string" + }, + "applicationSetController": { + "description": "ApplicationSetController is a simple, high-level summary of where the Argo CD applicationSet controller component is in its lifecycle. There are four possible ApplicationSetController values: Pending: The Argo CD applicationSet controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD applicationSet controller component are in a Ready state. Failed: At least one of the Argo CD applicationSet controller component Pods had a failure. Unknown: The state of the Argo CD applicationSet controller component could not be obtained.", + "type": "string" + }, + "host": { + "description": "Host is the hostname of the Ingress.", + "type": "string" + }, + "notificationsController": { + "description": "NotificationsController is a simple, high-level summary of where the Argo CD notifications controller component is in its lifecycle. There are four possible NotificationsController values: Pending: The Argo CD notifications controller component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD notifications controller component are in a Ready state. Failed: At least one of the Argo CD notifications controller component Pods had a failure. Unknown: The state of the Argo CD notifications controller component could not be obtained.", + "type": "string" + }, + "phase": { + "description": "Phase is a simple, high-level summary of where the ArgoCD is in its lifecycle. There are four possible phase values: Pending: The ArgoCD has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Available: All of the resources for the ArgoCD are ready. Failed: At least one resource has experienced a failure. Unknown: The state of the ArgoCD phase could not be obtained.", + "type": "string" + }, + "redis": { + "description": "Redis is a simple, high-level summary of where the Argo CD Redis component is in its lifecycle. There are four possible redis values: Pending: The Argo CD Redis component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Redis component are in a Ready state. Failed: At least one of the Argo CD Redis component Pods had a failure. Unknown: The state of the Argo CD Redis component could not be obtained.", + "type": "string" + }, + "redisTLSChecksum": { + "description": "RedisTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-operator-redis-tls secret.", + "type": "string" + }, + "repo": { + "description": "Repo is a simple, high-level summary of where the Argo CD Repo component is in its lifecycle. There are four possible repo values: Pending: The Argo CD Repo component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD Repo component are in a Ready state. Failed: At least one of the Argo CD Repo component Pods had a failure. Unknown: The state of the Argo CD Repo component could not be obtained.", + "type": "string" + }, + "repoTLSChecksum": { + "description": "RepoTLSChecksum contains the SHA256 checksum of the latest known state of tls.crt and tls.key in the argocd-repo-server-tls secret.", + "type": "string" + }, + "server": { + "description": "Server is a simple, high-level summary of where the Argo CD server component is in its lifecycle. There are four possible server values: Pending: The Argo CD server component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD server component are in a Ready state. Failed: At least one of the Argo CD server component Pods had a failure. Unknown: The state of the Argo CD server component could not be obtained.", + "type": "string" + }, + "sso": { + "description": "SSO is a simple, high-level summary of where the Argo CD SSO(Dex/Keycloak) component is in its lifecycle. There are four possible sso values: Pending: The Argo CD SSO component has been accepted by the Kubernetes system, but one or more of the required resources have not been created. Running: All of the required Pods for the Argo CD SSO component are in a Ready state. Failed: At least one of the Argo CD SSO component Pods had a failure. Unknown: The state of the Argo CD SSO component could not be obtained.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "ArgoCD", + "listKind": "ArgoCDList", + "plural": "argocds", + "singular": "argocd" + }, + "conditions": [ + { + "lastTransitionTime": "2024-03-09T02:51:18Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-03-09T02:51:18Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1beta1" + ] + } + }, + "group": "argoproj.io", + "plural": "argocds", + "version": "v1alpha1" + }, + "learnrun_time": 187.30937242507935, + "namespace": "argocd-operator-system", + "preload_images": [ + "quay.io/argoprojlabs/argocd-operator:v0.8.0", + "quay.io/jetstack/cert-manager-webhook:v1.14.1", + "quay.io/jetstack/cert-manager-controller:v1.14.1", + "quay.io/jetstack/cert-manager-cainjector:v1.14.1" + ], + "static_analysis_time": 1.0013580322265625e-05 +} \ No newline at end of file From 0f3f629adf590897be8154d42a7a31d17ddbca74 Mon Sep 17 00:00:00 2001 From: Ziyue Pan Date: Mon, 11 Mar 2024 00:36:46 +0800 Subject: [PATCH 26/38] remove duplicate kubectl `--context` option (#352) --- acto/deploy.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/acto/deploy.py b/acto/deploy.py index c0158b9422..a2debb4dfe 100644 --- a/acto/deploy.py +++ b/acto/deploy.py @@ -81,8 +81,7 @@ def deploy(self, # Run the steps in the deploy config one by one for step in self._deploy_config.steps: if step.apply: - args = ["apply", "--server-side", "-f", step.apply.file, - "--context", context_name] + args = ["apply", "--server-side", "-f", step.apply.file] # Use the namespace from the argument if the namespace is delegated # If the namespace from the config is explicitly specified, From f1f3abd121a23bace3270aff0002cca7df2bd75b Mon Sep 17 00:00:00 2001 From: Srikar Vanavasam Date: Sun, 10 Mar 2024 15:16:29 -0500 Subject: [PATCH 27/38] port OT-CONTAINER-KIT_redis-operator (#350) --- .../context.json | 9444 +++++++++++++++++ .../redis-config.json | 19 + .../redis-cr.yaml | 21 + .../redis-operator.yaml | 234 + 4 files changed, 9718 insertions(+) create mode 100644 data/OT-CONTAINER-KIT_redis-operator/context.json create mode 100644 data/OT-CONTAINER-KIT_redis-operator/redis-config.json create mode 100644 data/OT-CONTAINER-KIT_redis-operator/redis-cr.yaml create mode 100644 data/OT-CONTAINER-KIT_redis-operator/redis-operator.yaml diff --git a/data/OT-CONTAINER-KIT_redis-operator/context.json b/data/OT-CONTAINER-KIT_redis-operator/context.json new file mode 100644 index 0000000000..142b0a4cfd --- /dev/null +++ b/data/OT-CONTAINER-KIT_redis-operator/context.json @@ -0,0 +1,9444 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.4.1" + }, + "creationTimestamp": "2024-02-22T16:26:26Z", + "generation": 1, + "name": "redisclusters.redis.redis.opstreelabs.in", + "resourceVersion": "698", + "uid": "a2f18e6a-043a-4fa2-959f-74ab07427fe8" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "redis.redis.opstreelabs.in", + "names": { + "kind": "RedisCluster", + "listKind": "RedisClusterList", + "plural": "redisclusters", + "singular": "rediscluster" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "description": "Current cluster node count", + "jsonPath": ".spec.clusterSize", + "name": "ClusterSize", + "type": "integer" + }, + { + "description": "Overridden Leader replica count", + "jsonPath": ".spec.redisLeader.CommonAttributes.Replicas", + "name": "LeaderReplicas", + "type": "integer" + }, + { + "description": "Overridden Follower replica count", + "jsonPath": ".spec.redisFollower.CommonAttributes.Replicas", + "name": "FollowerReplicas", + "type": "integer" + }, + { + "description": "Age of Cluster", + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v1beta1", + "schema": { + "openAPIV3Schema": { + "description": "RedisCluster is the Schema for the redisclusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RedisClusterSpec defines the desired state of RedisCluster", + "properties": { + "TLS": { + "description": "TLS Configuration for redis instances", + "properties": { + "ca": { + "type": "string" + }, + "cert": { + "type": "string" + }, + "key": { + "type": "string" + }, + "secret": { + "description": "Reference to secret which contains the certificates", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "secret" + ], + "type": "object" + }, + "clusterSize": { + "format": "int32", + "type": "integer" + }, + "clusterVersion": { + "default": "v7", + "type": "string" + }, + "kubernetesConfig": { + "description": "KubernetesConfig will be the JSON struct for Basic Redis Config", + "properties": { + "ignoreAnnotations": { + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "imagePullSecrets": { + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "redisSecret": { + "description": "ExistingPasswordSecret is the struct to access the existing secret", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "service": { + "description": "ServiceConfig define the type of service to be created and its annotations", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "serviceType": { + "enum": [ + "LoadBalancer", + "NodePort", + "ClusterIP" + ], + "type": "string" + } + }, + "type": "object" + }, + "updateStrategy": { + "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", + "properties": { + "rollingUpdate": { + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", + "properties": { + "maxUnavailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable.", + "x-kubernetes-int-or-string": true + }, + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "image" + ], + "type": "object" + }, + "persistenceEnabled": { + "type": "boolean" + }, + "priorityClassName": { + "type": "string" + }, + "redisExporter": { + "description": "RedisExporter interface will have the information for redis exporter related stuff", + "properties": { + "enabled": { + "type": "boolean" + }, + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "port": { + "default": 9121, + "type": "integer" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "image" + ], + "type": "object" + }, + "redisFollower": { + "default": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + } + }, + "description": "RedisFollower interface will have the redis follower configuration", + "properties": { + "affinity": { + "description": "Affinity is a group of affinity scheduling rules.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pdb": { + "description": "RedisPodDisruptionBudget configure a PodDisruptionBudget on the resource (leader/follower)", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxUnavailable": { + "format": "int32", + "type": "integer" + }, + "minAvailable": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "readinessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "redisConfig": { + "description": "RedisConfig defines the external configuration of Redis", + "properties": { + "additionalRedisConfig": { + "type": "string" + } + }, + "type": "object" + }, + "replicas": { + "format": "int32", + "type": "integer" + }, + "tolerations": { + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "redisLeader": { + "default": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + } + }, + "description": "RedisLeader interface will have the redis leader configuration", + "properties": { + "affinity": { + "description": "Affinity is a group of affinity scheduling rules.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pdb": { + "description": "RedisPodDisruptionBudget configure a PodDisruptionBudget on the resource (leader/follower)", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxUnavailable": { + "format": "int32", + "type": "integer" + }, + "minAvailable": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "readinessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "redisConfig": { + "description": "RedisConfig defines the external configuration of Redis", + "properties": { + "additionalRedisConfig": { + "type": "string" + } + }, + "type": "object" + }, + "replicas": { + "format": "int32", + "type": "integer" + }, + "tolerations": { + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccountName": { + "type": "string" + }, + "sidecars": { + "items": { + "description": "Sidecar for each Redis pods", + "properties": { + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "name": { + "type": "string" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "image", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "storage": { + "description": "Storage is the inteface to add pvc and pv support in redis", + "properties": { + "keepAfterDelete": { + "type": "boolean" + }, + "volumeClaimTemplate": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "type": "object" + }, + "spec": { + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResourceStatuses": { + "additionalProperties": { + "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.", + "type": "string" + }, + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: \t* Un-prefixed keys: \t\t- storage - the capacity of the volume. \t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: \t- ControllerResizeInProgress: \t\tState set when resize controller starts resizing the volume in control-plane. \t- ControllerResizeFailed: \t\tState set when resize has failed in resize controller with a terminal error. \t- NodeResizePending: \t\tState set when resize controller has finished resizing the volume but further resizing of \t\tvolume is needed on the node. \t- NodeResizeInProgress: \t\tState set when kubelet starts resizing the volume. \t- NodeResizeFailed: \t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set \t\tNodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: \t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object", + "x-kubernetes-map-type": "granular" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: \t* Un-prefixed keys: \t\t- storage - the capacity of the volume. \t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "capacity represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "description": "PersistentVolumeClaimCondition contains details about state of pvc", + "properties": { + "lastProbeTime": { + "description": "lastProbeTime is the time we probed the condition.", + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "description": "lastTransitionTime is the time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is the human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "volumeMount": { + "description": "Additional Volume is provided by user that is mounted on the pods", + "properties": { + "mountPath": { + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volume": { + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "clusterSize", + "kubernetesConfig" + ], + "type": "object" + }, + "status": { + "description": "RedisClusterStatus defines the observed state of RedisCluster", + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": false, + "subresources": { + "status": {} + } + }, + { + "additionalPrinterColumns": [ + { + "description": "Current cluster node count", + "jsonPath": ".spec.clusterSize", + "name": "ClusterSize", + "type": "integer" + }, + { + "description": "Number of ready leader replicas", + "jsonPath": ".status.readyLeaderReplicas", + "name": "ReadyLeaderReplicas", + "type": "integer" + }, + { + "description": "Number of ready follower replicas", + "jsonPath": ".status.readyFollowerReplicas", + "name": "ReadyFollowerReplicas", + "type": "integer" + }, + { + "description": "The current state of the Redis Cluster", + "jsonPath": ".status.state", + "name": "State", + "priority": 1, + "type": "string" + }, + { + "description": "Age of Cluster", + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "priority": 1, + "type": "date" + }, + { + "description": "The reason for the current state", + "jsonPath": ".status.reason", + "name": "Reason", + "priority": 1, + "type": "string" + } + ], + "name": "v1beta2", + "schema": { + "openAPIV3Schema": { + "description": "RedisCluster is the Schema for the redisclusters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RedisClusterSpec defines the desired state of RedisCluster", + "properties": { + "TLS": { + "description": "TLS Configuration for redis instances", + "properties": { + "ca": { + "type": "string" + }, + "cert": { + "type": "string" + }, + "key": { + "type": "string" + }, + "secret": { + "description": "Reference to secret which contains the certificates", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "secret" + ], + "type": "object" + }, + "acl": { + "properties": { + "secret": { + "description": "Adapts a Secret into a volume. \n The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "clusterSize": { + "format": "int32", + "type": "integer" + }, + "clusterVersion": { + "default": "v7", + "type": "string" + }, + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "hostNetwork": { + "type": "boolean" + }, + "initContainer": { + "description": "InitContainer for each Redis pods", + "properties": { + "args": { + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "enabled": { + "type": "boolean" + }, + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "image" + ], + "type": "object" + }, + "kubernetesConfig": { + "description": "KubernetesConfig will be the JSON struct for Basic Redis Config", + "properties": { + "ignoreAnnotations": { + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "imagePullSecrets": { + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "redisSecret": { + "description": "ExistingPasswordSecret is the struct to access the existing secret", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "service": { + "description": "ServiceConfig define the type of service to be created and its annotations", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "serviceType": { + "enum": [ + "LoadBalancer", + "NodePort", + "ClusterIP" + ], + "type": "string" + } + }, + "type": "object" + }, + "updateStrategy": { + "description": "StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.", + "properties": { + "rollingUpdate": { + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", + "properties": { + "maxUnavailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable.", + "x-kubernetes-int-or-string": true + }, + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "image" + ], + "type": "object" + }, + "persistenceEnabled": { + "type": "boolean" + }, + "podSecurityContext": { + "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "port": { + "default": 6379, + "type": "integer" + }, + "priorityClassName": { + "type": "string" + }, + "redisExporter": { + "description": "RedisExporter interface will have the information for redis exporter related stuff", + "properties": { + "enabled": { + "type": "boolean" + }, + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "port": { + "default": 9121, + "type": "integer" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "image" + ], + "type": "object" + }, + "redisFollower": { + "default": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + } + }, + "description": "RedisFollower interface will have the redis follower configuration", + "properties": { + "affinity": { + "description": "Affinity is a group of affinity scheduling rules.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pdb": { + "description": "RedisPodDisruptionBudget configure a PodDisruptionBudget on the resource (leader/follower)", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxUnavailable": { + "format": "int32", + "type": "integer" + }, + "minAvailable": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "readinessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "redisConfig": { + "description": "RedisConfig defines the external configuration of Redis", + "properties": { + "additionalRedisConfig": { + "type": "string" + } + }, + "type": "object" + }, + "replicas": { + "format": "int32", + "type": "integer" + }, + "securityContext": { + "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "tolerations": { + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "redisLeader": { + "default": { + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + } + }, + "description": "RedisLeader interface will have the redis leader configuration", + "properties": { + "affinity": { + "description": "Affinity is a group of affinity scheduling rules.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "pdb": { + "description": "RedisPodDisruptionBudget configure a PodDisruptionBudget on the resource (leader/follower)", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxUnavailable": { + "format": "int32", + "type": "integer" + }, + "minAvailable": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "readinessProbe": { + "default": { + "failureThreshold": 3, + "initialDelaySeconds": 1, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "description": "Probe is a interface for ReadinessProbe and LivenessProbe", + "properties": { + "failureThreshold": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "initialDelaySeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "periodSeconds": { + "default": 10, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "successThreshold": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "timeoutSeconds": { + "default": 1, + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "redisConfig": { + "description": "RedisConfig defines the external configuration of Redis", + "properties": { + "additionalRedisConfig": { + "type": "string" + } + }, + "type": "object" + }, + "replicas": { + "format": "int32", + "type": "integer" + }, + "securityContext": { + "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "tolerations": { + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "serviceAccountName": { + "type": "string" + }, + "sidecars": { + "items": { + "description": "Sidecar for each Redis pods", + "properties": { + "command": { + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "mountPath": { + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "type": "string" + }, + "ports": { + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "image", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "storage": { + "description": "Node-conf needs to be added only in redis cluster", + "properties": { + "keepAfterDelete": { + "type": "boolean" + }, + "nodeConfVolume": { + "default": false, + "type": "boolean" + }, + "nodeConfVolumeClaimTemplate": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "type": "object" + }, + "spec": { + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResourceStatuses": { + "additionalProperties": { + "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.", + "type": "string" + }, + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: \t* Un-prefixed keys: \t\t- storage - the capacity of the volume. \t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: \t- ControllerResizeInProgress: \t\tState set when resize controller starts resizing the volume in control-plane. \t- ControllerResizeFailed: \t\tState set when resize has failed in resize controller with a terminal error. \t- NodeResizePending: \t\tState set when resize controller has finished resizing the volume but further resizing of \t\tvolume is needed on the node. \t- NodeResizeInProgress: \t\tState set when kubelet starts resizing the volume. \t- NodeResizeFailed: \t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set \t\tNodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: \t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object", + "x-kubernetes-map-type": "granular" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: \t* Un-prefixed keys: \t\t- storage - the capacity of the volume. \t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "capacity represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "description": "PersistentVolumeClaimCondition contains details about state of pvc", + "properties": { + "lastProbeTime": { + "description": "lastProbeTime is the time we probed the condition.", + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "description": "lastTransitionTime is the time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is the human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "volumeClaimTemplate": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "type": "object" + }, + "spec": { + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResourceStatuses": { + "additionalProperties": { + "description": "When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.", + "type": "string" + }, + "description": "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: \t* Un-prefixed keys: \t\t- storage - the capacity of the volume. \t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: \t- ControllerResizeInProgress: \t\tState set when resize controller starts resizing the volume in control-plane. \t- ControllerResizeFailed: \t\tState set when resize has failed in resize controller with a terminal error. \t- NodeResizePending: \t\tState set when resize controller has finished resizing the volume but further resizing of \t\tvolume is needed on the node. \t- NodeResizeInProgress: \t\tState set when kubelet starts resizing the volume. \t- NodeResizeFailed: \t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set \t\tNodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: \t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object", + "x-kubernetes-map-type": "granular" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: \t* Un-prefixed keys: \t\t- storage - the capacity of the volume. \t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "capacity represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "description": "PersistentVolumeClaimCondition contains details about state of pvc", + "properties": { + "lastProbeTime": { + "description": "lastProbeTime is the time we probed the condition.", + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "description": "lastTransitionTime is the time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is the human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "volumeMount": { + "description": "Additional Volume is provided by user that is mounted on the pods", + "properties": { + "mountPath": { + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volume": { + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "clusterSize", + "kubernetesConfig" + ], + "type": "object" + }, + "status": { + "description": "RedisClusterStatus defines the observed state of RedisCluster", + "properties": { + "readyFollowerReplicas": { + "default": 0, + "format": "int32", + "type": "integer" + }, + "readyLeaderReplicas": { + "default": 0, + "format": "int32", + "type": "integer" + }, + "reason": { + "type": "string" + }, + "state": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "RedisCluster", + "listKind": "RedisClusterList", + "plural": "redisclusters", + "singular": "rediscluster" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-22T16:26:26Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-22T16:26:26Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1beta2" + ] + } + }, + "group": "redis.redis.opstreelabs.in", + "plural": "redisclusters", + "version": "v1beta1" + }, + "learnrun_time": 195.57281374931335, + "namespace": "ot-operators", + "preload_images": [ + "quay.io/opstree/redis-operator:v0.15.1", + "quay.io/opstree/redis:latest" + ], + "static_analysis_time": 2.002716064453125e-05 +} \ No newline at end of file diff --git a/data/OT-CONTAINER-KIT_redis-operator/redis-config.json b/data/OT-CONTAINER-KIT_redis-operator/redis-config.json new file mode 100644 index 0000000000..c2517d02d9 --- /dev/null +++ b/data/OT-CONTAINER-KIT_redis-operator/redis-config.json @@ -0,0 +1,19 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/OT-CONTAINER-KIT/redis-operator.yaml", + "operator": true + } + }, + { + "apply": { + "file": "https://raw.githubusercontent.com/OT-CONTAINER-KIT/redis-operator/master/config/crd/bases/redis.redis.opstreelabs.in_redisclusters.yaml" + } + } + ] + }, + "crd_name": "redisclusters.redis.redis.opstreelabs.in", + "seed_custom_resource": "data/OT-CONTAINER-KIT/rredis-cr.yaml" +} diff --git a/data/OT-CONTAINER-KIT_redis-operator/redis-cr.yaml b/data/OT-CONTAINER-KIT_redis-operator/redis-cr.yaml new file mode 100644 index 0000000000..e6d46e026e --- /dev/null +++ b/data/OT-CONTAINER-KIT_redis-operator/redis-cr.yaml @@ -0,0 +1,21 @@ +apiVersion: redis.redis.opstreelabs.in/v1beta2 +kind: RedisCluster +metadata: + name: test-cluster +spec: + clusterSize: 3 + clusterVersion: v7 + podSecurityContext: + runAsUser: 1000 + fsGroup: 1000 + persistenceEnabled: true + kubernetesConfig: + image: quay.io/opstree/redis:latest + imagePullPolicy: "IfNotPresent" + storage: + volumeClaimTemplate: + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: 1Gi diff --git a/data/OT-CONTAINER-KIT_redis-operator/redis-operator.yaml b/data/OT-CONTAINER-KIT_redis-operator/redis-operator.yaml new file mode 100644 index 0000000000..19fcdaeda5 --- /dev/null +++ b/data/OT-CONTAINER-KIT_redis-operator/redis-operator.yaml @@ -0,0 +1,234 @@ +--- +# Source: redis-operator/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: redis-operator + namespace: ot-operators + labels: + app.kubernetes.io/name : redis-operator + helm.sh/chart : redis-operator-0.15.9 + app.kubernetes.io/managed-by : Helm + app.kubernetes.io/instance : redis-operator + app.kubernetes.io/version : 0.15.1 + app.kubernetes.io/component: service-account + app.kubernetes.io/part-of : redis-operator +--- +# Source: redis-operator/templates/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: redis-operator + labels: + app.kubernetes.io/name : redis-operator + helm.sh/chart : redis-operator-0.15.9 + app.kubernetes.io/managed-by : Helm + app.kubernetes.io/instance : redis-operator + app.kubernetes.io/version : 0.15.1 + app.kubernetes.io/component: role + app.kubernetes.io/part-of : redis-operator +rules: +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - rediss + - redisclusters + - redisreplications + - redis + - rediscluster + - redissentinel + - redissentinels + - redisreplication + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- nonResourceURLs: + - '*' + verbs: + - get +- apiGroups: + - "apiextensions.k8s.io" + resources: + - "customresourcedefinitions" + verbs: + - "get" + - "list" + - "watch" +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis/finalizers + - rediscluster/finalizers + - redisclusters/finalizers + - redissentinel/finalizers + - redissentinels/finalizers + - redisreplication/finalizers + - redisreplications/finalizers + verbs: + - update +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis/status + - rediscluster/status + - redisclusters/status + - redissentinel/status + - redissentinels/status + - redisreplication/status + - redisreplications/status + verbs: + - get + - patch + - update +- apiGroups: + - "" + resources: + - secrets + - pods/exec + - pods + - services + - configmaps + - events + - persistentvolumeclaims + - namespace + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "coordination.k8s.io" + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "policy" + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +# Source: redis-operator/templates/role-binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: redis-operator + labels: + app.kubernetes.io/name : redis-operator + helm.sh/chart : redis-operator-0.15.9 + app.kubernetes.io/managed-by : Helm + app.kubernetes.io/instance : redis-operator + app.kubernetes.io/version : 0.15.1 + app.kubernetes.io/component: role-binding + app.kubernetes.io/part-of : redis-operator +subjects: +- kind: ServiceAccount + name: redis-operator + namespace: ot-operators +roleRef: + kind: ClusterRole + name: redis-operator + apiGroup: rbac.authorization.k8s.io +--- +# Source: redis-operator/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name : redis-operator + helm.sh/chart : redis-operator-0.15.9 + app.kubernetes.io/managed-by : Helm + app.kubernetes.io/instance : redis-operator + app.kubernetes.io/version : 0.15.1 + app.kubernetes.io/component: webhook + app.kubernetes.io/part-of : redis-operator + name: webhook-service + namespace: ot-operators +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + name: redis-operator +--- +# Source: redis-operator/templates/operator-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis-operator + namespace: ot-operators + labels: + app.kubernetes.io/name: redis-operator + helm.sh/chart: redis-operator-0.15.9 + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: redis-operator + app.kubernetes.io/version: 0.15.1 + app.kubernetes.io/component: operator + app.kubernetes.io/part-of: redis-operator +spec: + replicas: 1 + selector: + matchLabels: + name: redis-operator + template: + metadata: + annotations: + cert-manager.io/inject-ca-from: ot-operators/serving-cert + labels: + name: redis-operator + spec: + containers: + - name: "redis-operator" + image: "quay.io/opstree/redis-operator:v0.15.1" + imagePullPolicy: Always + command: + - /manager + args: + - --leader-elect + env: + - name: ENABLE_WEBHOOKS + value: "false" + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 500m + memory: 500Mi + serviceAccountName: "redis-operator" + serviceAccount: "redis-operator" + From aa1b9cb8869446bbeb3668ec9b1d9e452bd959b6 Mon Sep 17 00:00:00 2001 From: Erdao <66999583+TwinIsland@users.noreply.github.com> Date: Sun, 10 Mar 2024 15:16:57 -0500 Subject: [PATCH 28/38] add action runner controller data (#349) --- ...ctions-runner-controller-cert-manager.yaml | 5388 +++ .../actions-runner-controller-config.json | 27 + .../actions-runner-controller-cr.yaml | 9 + .../actions-runner-controller.yaml | 34079 ++++++++++++++++ .../context.json | 7510 ++++ 5 files changed, 47013 insertions(+) create mode 100644 data/actions_actions-runner-controller/actions-runner-controller-cert-manager.yaml create mode 100644 data/actions_actions-runner-controller/actions-runner-controller-config.json create mode 100644 data/actions_actions-runner-controller/actions-runner-controller-cr.yaml create mode 100644 data/actions_actions-runner-controller/actions-runner-controller.yaml create mode 100644 data/actions_actions-runner-controller/context.json diff --git a/data/actions_actions-runner-controller/actions-runner-controller-cert-manager.yaml b/data/actions_actions-runner-controller/actions-runner-controller-cert-manager.yaml new file mode 100644 index 0000000000..d4018e7445 --- /dev/null +++ b/data/actions_actions-runner-controller/actions-runner-controller-cert-manager.yaml @@ -0,0 +1,5388 @@ +# Copyright 2021 The cert-manager Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: cert-manager +--- +# Source: cert-manager/templates/crd-templates.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificaterequests.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.8.2" +spec: + group: cert-manager.io + names: + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Approved")].status + name: Approved + type: string + - jsonPath: .status.conditions[?(@.type=="Denied")].status + name: Denied + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + type: string + - jsonPath: .spec.username + name: Requestor + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the CertificateRequest resource. + type: object + required: + - issuerRef + - request + properties: + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. + type: string + extra: + description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: object + additionalProperties: + type: array + items: + type: string + groups: + description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: array + items: + type: string + x-kubernetes-list-type: atomic + isCA: + description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. + type: string + format: byte + uid: + description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + username: + description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + status: + description: Status of the CertificateRequest. This is set and managed automatically. + type: object + properties: + ca: + description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. + type: string + format: byte + certificate: + description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. + type: string + format: byte + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. + type: array + items: + description: CertificateRequestCondition contains condition information for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failureTime: + description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + served: true + storage: true +--- +# Source: cert-manager/templates/crd-templates.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.8.2" +spec: + group: cert-manager.io + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.secretName + name: Secret + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Certificate resource. + type: object + required: + - issuerRef + - secretName + properties: + additionalOutputFormats: + description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components. + type: array + items: + description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. + type: object + required: + - type + properties: + type: + description: Type is the name of the format type that should be written to the Certificate's target Secret. + type: string + enum: + - DER + - CombinedPEM + commonName: + description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4' + type: string + dnsNames: + description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate. + type: array + items: + type: string + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + emailAddresses: + description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate. + type: array + items: + type: string + encodeUsagesInRequest: + description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest + type: boolean + ipAddresses: + description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. + type: array + items: + type: string + isCA: + description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + keystores: + description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource. + type: object + properties: + jks: + description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will only be updated upon re-issuance. A file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + pkcs12: + description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will only be updated upon re-issuance. A file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + privateKey: + description: Options to control private keys used for the Certificate. + type: object + properties: + algorithm: + description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm. + type: string + enum: + - RSA + - ECDSA + - Ed25519 + encoding: + description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified. + type: string + enum: + - PKCS1 + - PKCS8 + rotationPolicy: + description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility. + type: string + enum: + - Never + - Always + size: + description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed. + type: integer + renewBefore: + description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + revisionHistoryLimit: + description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`. + type: integer + format: int32 + secretName: + description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. + type: string + secretTemplate: + description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. + type: object + properties: + annotations: + description: Annotations is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + labels: + description: Labels is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + subject: + description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). + type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + organizations: + description: Organizations to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. + type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uris: + description: URIs is a list of URI subjectAltNames to be set on the Certificate. + type: array + items: + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: Status of the Certificate. This is set and managed automatically. + type: object + properties: + conditions: + description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. + type: array + items: + description: CertificateCondition contains condition information for an Certificate. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `Issuing`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failedIssuanceAttempts: + description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). + type: integer + lastFailureTime: + description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time. + type: string + format: date-time + nextPrivateKeySecretName: + description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. + type: string + notAfter: + description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. + type: string + format: date-time + notBefore: + description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid. + type: string + format: date-time + renewalTime: + description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. + type: string + format: date-time + revision: + description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." + type: integer + served: true + storage: true +--- +# Source: cert-manager/templates/crd-templates.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: challenges.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.8.2" +spec: + group: acme.cert-manager.io + names: + kind: Challenge + listKind: ChallengeList + plural: challenges + singular: challenge + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.dnsName + name: Domain + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - authorizationURL + - dnsName + - issuerRef + - key + - solver + - token + - type + - url + properties: + authorizationURL: + description: The URL to the ACME Authorization resource that this challenge is a part of. + type: string + dnsName: + description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. + type: string + issuerRef: + description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + key: + description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.' + type: string + solver: + description: Contains the domain solving configuration that should be used to solve this challenge resource. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/v1alpha2/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentRef identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid. \n References to objects with invalid Group and Kind are not valid, and must be rejected by the implementation, with appropriate Conditions set on the containing object." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) Support: Custom (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified (or empty string), this refers to the local namespace of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + token: + description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. + type: string + type: + description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". + type: string + enum: + - HTTP-01 + - DNS-01 + url: + description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. + type: string + wildcard: + description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. + type: boolean + status: + type: object + properties: + presented: + description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. + type: boolean + reason: + description: Contains human readable information on why the Challenge is in the current state. + type: string + state: + description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + served: true + storage: true + subresources: + status: {} +--- +# Source: cert-manager/templates/crd-templates.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterissuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.8.2" +spec: + group: cert-manager.io + names: + kind: ClusterIssuer + listKind: ClusterIssuerList + plural: clusterissuers + singular: clusterissuer + categories: + - cert-manager + scope: Cluster + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the ClusterIssuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false. + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/v1alpha2/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentRef identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid. \n References to objects with invalid Group and Kind are not valid, and must be rejected by the implementation, with appropriate Conditions set on the containing object." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) Support: Custom (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified (or empty string), this refers to the local namespace of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + type: string + format: byte + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the ClusterIssuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crd-templates.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: issuers.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.8.2" +spec: + group: cert-manager.io + names: + kind: Issuer + listKind: IssuerList + plural: issuers + singular: issuer + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Issuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false. + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/v1alpha2/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentRef identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid. \n References to objects with invalid Group and Kind are not valid, and must be rejected by the implementation, with appropriate Conditions set on the containing object." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) Support: Custom (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified (or empty string), this refers to the local namespace of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + type: string + format: byte + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the Issuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crd-templates.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: orders.acme.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.8.2" +spec: + group: acme.cert-manager.io + names: + kind: Order + listKind: OrderList + plural: orders + singular: order + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - issuerRef + - request + properties: + commonName: + description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. + type: string + dnsNames: + description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + duration: + description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. + type: string + ipAddresses: + description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. + type: string + format: byte + status: + type: object + properties: + authorizations: + description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. + type: array + items: + description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. + type: object + required: + - url + properties: + challenges: + description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. + type: string + type: + description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. + type: string + url: + description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part of this authorization + type: string + initialState: + description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL is the URL of the Authorization that must be completed + type: string + wildcard: + description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. + type: boolean + certificate: + description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. + type: string + format: byte + failureTime: + description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + finalizeURL: + description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. + type: string + reason: + description: Reason optionally provides more information about a why the order is in the current state. + type: string + state: + description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. + type: string + served: true + storage: true +--- +# Source: cert-manager/templates/cainjector-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager-cainjector + namespace: "cert-manager" + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" +--- +# Source: cert-manager/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager + namespace: "cert-manager" + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +--- +# Source: cert-manager/templates/webhook-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager-webhook + namespace: "cert-manager" + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +--- +# Source: cert-manager/templates/webhook-config.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: cert-manager-webhook + namespace: "cert-manager" + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" +data: +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-cainjector + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "create", "update", "patch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiregistration.k8s.io"] + resources: ["apiservices"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update"] +--- +# Source: cert-manager/templates/rbac.yaml +# Issuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-issuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "issuers/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# ClusterIssuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-clusterissuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "clusterissuers/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Certificates controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-certificates + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["cert-manager.io"] + resources: ["certificates/finalizers", "certificaterequests/finalizers"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders"] + verbs: ["create", "delete", "get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Orders controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-orders + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "orders/status"] + verbs: ["update", "patch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "challenges"] + verbs: ["get", "list", "watch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["create", "delete"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Challenges controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-challenges + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + # Use to update challenge resource status + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "challenges/status"] + verbs: ["update", "patch"] + # Used to watch challenge resources + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["get", "list", "watch"] + # Used to watch challenges, issuer and clusterissuer resources + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + # Need to be able to retrieve ACME account private key to complete challenges + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + # Used to create events + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + # HTTP01 rules + - apiGroups: [""] + resources: ["pods", "services"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + - apiGroups: [ "gateway.networking.k8s.io" ] + resources: [ "httproutes" ] + verbs: ["get", "list", "watch", "create", "delete", "update"] + # We require the ability to specify a custom hostname when we are creating + # new ingress resources. + # See: https://github.com/openshift/origin/blob/21f191775636f9acadb44fa42beeb4f75b255532/pkg/route/apiserver/admission/ingress_admission.go#L84-L148 + - apiGroups: ["route.openshift.io"] + resources: ["routes/custom-host"] + verbs: ["create"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges/finalizers"] + verbs: ["update"] + # DNS01 rules (duplicated above) + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +# ingress-shim controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-ingress-shim + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests"] + verbs: ["create", "update", "delete"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses/finalizers"] + verbs: ["update"] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["gateways", "httproutes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["gateways/finalizers", "httproutes/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-view + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" + rbac.authorization.k8s.io/aggregate-to-view: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-edit + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates/status"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] +--- +# Source: cert-manager/templates/rbac.yaml +# Permission to approve CertificateRequests referencing cert-manager.io Issuers and ClusterIssuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-approve:cert-manager-io + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["signers"] + verbs: ["approve"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] +--- +# Source: cert-manager/templates/rbac.yaml +# Permission to: +# - Update and sign CertificatSigningeRequests referencing cert-manager.io Issuers and ClusterIssuers +# - Perform SubjectAccessReviews to test whether users are able to reference Namespaced Issuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-certificatesigningrequests + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests/status"] + verbs: ["update", "patch"] + - apiGroups: ["certificates.k8s.io"] + resources: ["signers"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] + verbs: ["sign"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-webhook:subjectaccessreviews + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +rules: +- apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-cainjector + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-cainjector +subjects: + - name: cert-manager-cainjector + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-issuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-issuers +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-clusterissuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-clusterissuers +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-certificates + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-certificates +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-orders + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-orders +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-challenges + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-challenges +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-ingress-shim + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-ingress-shim +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-approve:cert-manager-io + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-approve:cert-manager-io +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-certificatesigningrequests + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-certificatesigningrequests +subjects: + - name: cert-manager + namespace: "cert-manager" + kind: ServiceAccount +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-webhook:subjectaccessreviews + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-webhook:subjectaccessreviews +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +# leader election rules +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager-cainjector:leaderelection + namespace: kube-system + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" +rules: + # Used for leader election by the controller + # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller + # see cmd/cainjector/start.go#L113 + # cert-manager-cainjector-leader-election-core is used by the SecretBased injector controller + # see cmd/cainjector/start.go#L137 + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager:leaderelection + namespace: kube-system + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-controller"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager-webhook:dynamic-serving + namespace: "cert-manager" + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +rules: +- apiGroups: [""] + resources: ["secrets"] + resourceNames: + - 'cert-manager-webhook-ca' + verbs: ["get", "list", "watch", "update"] +# It's not possible to grant CREATE permission on a single resourceName. +- apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager-cainjector:leaderelection + namespace: kube-system + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager-cainjector:leaderelection +subjects: + - kind: ServiceAccount + name: cert-manager-cainjector + namespace: cert-manager +--- +# Source: cert-manager/templates/rbac.yaml +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager:leaderelection + namespace: kube-system + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager:leaderelection +subjects: + - apiGroup: "" + kind: ServiceAccount + name: cert-manager + namespace: cert-manager +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager-webhook:dynamic-serving + namespace: "cert-manager" + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager-webhook:dynamic-serving +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager +--- +# Source: cert-manager/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: cert-manager + namespace: "cert-manager" + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 9402 + name: tcp-prometheus-servicemonitor + targetPort: 9402 + selector: + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" +--- +# Source: cert-manager/templates/webhook-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: cert-manager-webhook + namespace: "cert-manager" + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +spec: + type: ClusterIP + ports: + - name: https + port: 443 + protocol: TCP + targetPort: "https" + selector: + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" +--- +# Source: cert-manager/templates/cainjector-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager-cainjector + namespace: "cert-manager" + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + template: + metadata: + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.8.2" + spec: + serviceAccountName: cert-manager-cainjector + securityContext: + runAsNonRoot: true + containers: + - name: cert-manager + image: "quay.io/jetstack/cert-manager-cainjector:v1.8.2" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --leader-election-namespace=kube-system + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + securityContext: + allowPrivilegeEscalation: false + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager + namespace: "cert-manager" + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + template: + metadata: + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.8.2" + annotations: + prometheus.io/path: "/metrics" + prometheus.io/scrape: 'true' + prometheus.io/port: '9402' + spec: + serviceAccountName: cert-manager + securityContext: + + runAsNonRoot: true + containers: + - name: cert-manager + image: "quay.io/jetstack/cert-manager-controller:v1.8.2" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --cluster-resource-namespace=$(POD_NAMESPACE) + - --leader-election-namespace=kube-system + ports: + - containerPort: 9402 + name: http-metrics + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/webhook-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager-webhook + namespace: "cert-manager" + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + template: + metadata: + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" + spec: + serviceAccountName: cert-manager-webhook + securityContext: + runAsNonRoot: true + containers: + - name: cert-manager + image: "quay.io/jetstack/cert-manager-webhook:v1.8.2" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --secure-port=10250 + - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) + - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca + - --dynamic-serving-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc + ports: + - name: https + protocol: TCP + containerPort: 10250 + livenessProbe: + httpGet: + path: /livez + port: 6080 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: 6080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + securityContext: + allowPrivilegeEscalation: false + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/webhook-mutating-webhook.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: cert-manager-webhook + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" + annotations: + cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" +webhooks: + - name: webhook.cert-manager.io + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: 10 + failurePolicy: Fail + # Only include 'sideEffects' field in Kubernetes 1.12+ + sideEffects: None + clientConfig: + service: + name: cert-manager-webhook + namespace: "cert-manager" + path: /mutate +--- +# Source: cert-manager/templates/webhook-validating-webhook.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: cert-manager-webhook + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.8.2" + annotations: + cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" +webhooks: + - name: webhook.cert-manager.io + namespaceSelector: + matchExpressions: + - key: "cert-manager.io/disable-validation" + operator: "NotIn" + values: + - "true" + - key: "name" + operator: "NotIn" + values: + - cert-manager + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: 10 + failurePolicy: Fail + sideEffects: None + clientConfig: + service: + name: cert-manager-webhook + namespace: "cert-manager" + path: /validate diff --git a/data/actions_actions-runner-controller/actions-runner-controller-config.json b/data/actions_actions-runner-controller/actions-runner-controller-config.json new file mode 100644 index 0000000000..035e5013cc --- /dev/null +++ b/data/actions_actions-runner-controller/actions-runner-controller-config.json @@ -0,0 +1,27 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/arc/actions-runner-controller-cert-manager.yaml", + "namespace": null + } + }, + { + "wait": { + "duration": 10 + } + }, + { + "apply": { + "file": "data/arc/actions-runner-controller.yaml", + "operator": true, + "namespace": "actions-runner-system", + "operator_container_name": "manager" + } + } + ] + }, + "crd_name": "runnerdeployments.actions.summerwind.dev", + "seed_custom_resource": "data/arc/actions-runner-controller-cr.yaml" +} diff --git a/data/actions_actions-runner-controller/actions-runner-controller-cr.yaml b/data/actions_actions-runner-controller/actions-runner-controller-cr.yaml new file mode 100644 index 0000000000..d845b168ec --- /dev/null +++ b/data/actions_actions-runner-controller/actions-runner-controller-cr.yaml @@ -0,0 +1,9 @@ +apiVersion: actions.summerwind.dev/v1alpha1 +kind: RunnerDeployment +metadata: + name: test-cluster +spec: + replicas: 1 + template: + spec: + repository: mumoshu/actions-runner-controller-ci diff --git a/data/actions_actions-runner-controller/actions-runner-controller.yaml b/data/actions_actions-runner-controller/actions-runner-controller.yaml new file mode 100644 index 0000000000..2aab76943f --- /dev/null +++ b/data/actions_actions-runner-controller/actions-runner-controller.yaml @@ -0,0 +1,34079 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: actions-runner-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: horizontalrunnerautoscalers.actions.summerwind.dev +spec: + group: actions.summerwind.dev + names: + kind: HorizontalRunnerAutoscaler + listKind: HorizontalRunnerAutoscalerList + plural: horizontalrunnerautoscalers + shortNames: + - hra + singular: horizontalrunnerautoscaler + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.minReplicas + name: Min + type: number + - jsonPath: .spec.maxReplicas + name: Max + type: number + - jsonPath: .status.desiredReplicas + name: Desired + type: number + - jsonPath: .status.scheduledOverridesSummary + name: Schedule + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: HorizontalRunnerAutoscaler is the Schema for the horizontalrunnerautoscaler + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HorizontalRunnerAutoscalerSpec defines the desired state + of HorizontalRunnerAutoscaler + properties: + capacityReservations: + items: + description: CapacityReservation specifies the number of replicas + temporarily added to the scale target until ExpirationTime. + properties: + effectiveTime: + format: date-time + type: string + expirationTime: + format: date-time + type: string + name: + type: string + replicas: + type: integer + type: object + type: array + maxReplicas: + description: MaxReplicas is the maximum number of replicas the deployment + is allowed to scale + type: integer + metrics: + description: Metrics is the collection of various metric targets to + calculate desired number of runners + items: + properties: + repositoryNames: + description: RepositoryNames is the list of repository names + to be used for calculating the metric. For example, a repository + name is the REPO part of `github.com/USER/REPO`. + items: + type: string + type: array + scaleDownAdjustment: + description: ScaleDownAdjustment is the number of runners removed + on scale-down. You can only specify either ScaleDownFactor + or ScaleDownAdjustment. + type: integer + scaleDownFactor: + description: ScaleDownFactor is the multiplicative factor applied + to the current number of runners used to determine how many + pods should be removed. + type: string + scaleDownThreshold: + description: ScaleDownThreshold is the percentage of busy runners + less than which will trigger the hpa to scale the runners + down. + type: string + scaleUpAdjustment: + description: ScaleUpAdjustment is the number of runners added + on scale-up. You can only specify either ScaleUpFactor or + ScaleUpAdjustment. + type: integer + scaleUpFactor: + description: ScaleUpFactor is the multiplicative factor applied + to the current number of runners used to determine how many + pods should be added. + type: string + scaleUpThreshold: + description: ScaleUpThreshold is the percentage of busy runners + greater than which will trigger the hpa to scale runners up. + type: string + type: + description: Type is the type of metric to be used for autoscaling. + The only supported Type is TotalNumberOfQueuedAndInProgressWorkflowRuns + type: string + type: object + type: array + minReplicas: + description: MinReplicas is the minimum number of replicas the deployment + is allowed to scale + type: integer + scaleDownDelaySecondsAfterScaleOut: + description: ScaleDownDelaySecondsAfterScaleUp is the approximate + delay for a scale down followed by a scale up Used to prevent flapping + (down->up->down->... loop) + type: integer + scaleTargetRef: + description: ScaleTargetRef sis the reference to scaled resource like + RunnerDeployment + properties: + kind: + description: Kind is the type of resource being referenced + enum: + - RunnerDeployment + - RunnerSet + type: string + name: + description: Name is the name of resource being referenced + type: string + type: object + scaleUpTriggers: + description: "ScaleUpTriggers is an experimental feature to increase + the desired replicas by 1 on each webhook requested received by + the webhookBasedAutoscaler. \n This feature requires you to also + enable and deploy the webhookBasedAutoscaler onto your cluster. + \n Note that the added runners remain until the next sync period + at least, and they may or may not be used by GitHub Actions depending + on the timing. They are intended to be used to gain \"resource slack\" + immediately after you receive a webhook from GitHub, so that you + can loosely expect MinReplicas runners to be always available." + items: + properties: + amount: + type: integer + duration: + type: string + githubEvent: + properties: + checkRun: + description: https://docs.github.com/en/actions/reference/events-that-trigger-workflows#check_run + properties: + names: + description: Names is a list of GitHub Actions glob + patterns. Any check_run event whose name matches one + of patterns in the list can trigger autoscaling. Note + that check_run name seem to equal to the job name + you've defined in your actions workflow yaml file. + So it is very likely that you can utilize this to + trigger depending on the job. + items: + type: string + type: array + repositories: + description: Repositories is a list of GitHub repositories. + Any check_run event whose repository matches one of + repositories in the list can trigger autoscaling. + items: + type: string + type: array + status: + type: string + types: + items: + type: string + type: array + type: object + pullRequest: + description: https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request + properties: + branches: + items: + type: string + type: array + types: + items: + type: string + type: array + type: object + push: + description: PushSpec is the condition for triggering scale-up + on push event Also see https://docs.github.com/en/actions/reference/events-that-trigger-workflows#push + type: object + type: object + type: object + type: array + scheduledOverrides: + description: ScheduledOverrides is the list of ScheduledOverride. + It can be used to override a few fields of HorizontalRunnerAutoscalerSpec + on schedule. The earlier a scheduled override is, the higher it + is prioritized. + items: + description: ScheduledOverride can be used to override a few fields + of HorizontalRunnerAutoscalerSpec on schedule. A schedule can + optionally be recurring, so that the correspoding override happens + every day, week, month, or year. + properties: + endTime: + description: EndTime is the time at which the first override + ends. + format: date-time + type: string + minReplicas: + description: MinReplicas is the number of runners while overriding. + If omitted, it doesn't override minReplicas. + minimum: 0 + nullable: true + type: integer + recurrenceRule: + properties: + frequency: + description: Frequency is the name of a predefined interval + of each recurrence. The valid values are "Daily", "Weekly", + "Monthly", and "Yearly". If empty, the corresponding override + happens only once. + enum: + - Daily + - Weekly + - Monthly + - Yearly + type: string + untilTime: + description: UntilTime is the time of the final recurrence. + If empty, the schedule recurs forever. + format: date-time + type: string + type: object + startTime: + description: StartTime is the time at which the first override + starts. + format: date-time + type: string + required: + - endTime + - startTime + type: object + type: array + type: object + status: + properties: + cacheEntries: + items: + properties: + expirationTime: + format: date-time + type: string + key: + type: string + value: + type: integer + type: object + type: array + desiredReplicas: + description: DesiredReplicas is the total number of desired, non-terminated + and latest pods to be set for the primary RunnerSet This doesn't + include outdated pods while upgrading the deployment and replacing + the runnerset. + type: integer + lastSuccessfulScaleOutTime: + format: date-time + nullable: true + type: string + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for the target. It corresponds to e.g. RunnerDeployment's generation, + which is updated on mutation by the API Server. + format: int64 + type: integer + scheduledOverridesSummary: + description: ScheduledOverridesSummary is the summary of active and + upcoming scheduled overrides to be shown in e.g. a column of a `kubectl + get hra` output for observability. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: runnerdeployments.actions.summerwind.dev +spec: + group: actions.summerwind.dev + names: + kind: RunnerDeployment + listKind: RunnerDeploymentList + plural: runnerdeployments + shortNames: + - rdeploy + singular: runnerdeployment + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.replicas + name: Desired + type: number + - jsonPath: .status.replicas + name: Current + type: number + - jsonPath: .status.updatedReplicas + name: Up-To-Date + type: number + - jsonPath: .status.availableReplicas + name: Available + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: RunnerDeployment is the Schema for the runnerdeployments API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RunnerDeploymentSpec defines the desired state of RunnerDeployment + properties: + effectiveTime: + description: EffectiveTime is the time the upstream controller requested + to sync Replicas. It is usually populated by the webhook-based autoscaler + via HRA. The value is inherited to RunnerRepicaSet(s) and used to + prevent ephemeral runners from unnecessarily recreated. + format: date-time + nullable: true + type: string + replicas: + nullable: true + type: integer + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: RunnerSpec defines the desired state of Runner + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + This field is beta-level and is only honored + when PodAffinityNamespaceSelector feature + is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. This + field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + This field is beta-level and is only honored + when PodAffinityNamespaceSelector feature + is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. This + field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + items: + description: PodDNSConfig defines the DNS parameters of + a pod in addition to those generated from DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. + This will be appended to the base nameservers generated + from DNSPolicy. Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This will + be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options + given in Options will override those that appear in + the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver + options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name + lookup. This will be appended to the base search paths + generated from DNSPolicy. Duplicated search paths + will be removed. + items: + type: string + type: array + type: object + type: array + dockerEnabled: + type: boolean + dockerEnv: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables + in the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + dockerMTU: + format: int64 + type: integer + dockerRegistryMirror: + type: string + dockerVolumeMounts: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves + similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + dockerdContainerResources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + dockerdWithinRunnerContainer: + type: boolean + enableServiceLinks: + type: boolean + enterprise: + pattern: ^[^/]+$ + type: string + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables + in the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + ephemeral: + type: boolean + ephemeralContainers: + items: + description: "An EphemeralContainer is a temporary container + that you may add to an existing Pod for user-initiated + activities such as debugging. Ephemeral containers have + no resource or scheduling guarantees, and they will not + be restarted when they exit or when a Pod is removed or + restarted. The kubelet may evict a Pod if an ephemeral + container causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers may + not be removed or restarted. \n This is a beta feature + available on clusters that haven't disabled the EphemeralContainers + feature gate." + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified + as a DNS_LABEL. This name must be unique among all + containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'Optional: SecurityContext defines the + security options the ephemeral container should be + run with. If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container from + PodSpec that this ephemeral container targets. The + ephemeral container will be run in the namespaces + (IPC, PID, etc) of this container. If not set then + the ephemeral container uses the namespaces configured + in the Pod spec. \n The container runtime must implement + support for this feature. If the runtime does not + support namespace targeting then the result of setting + this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed for ephemeral + containers. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + group: + type: string + hostAliases: + items: + description: HostAlias holds the mapping between IP and + hostnames that will be injected as an entry in the pod's + hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + image: + type: string + imagePullPolicy: + description: PullPolicy describes a policy for if/when to + pull a container image + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + labels: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + organization: + pattern: ^[^/]+$ + type: string + repository: + pattern: ^[^/]+/[^/]+$ + type: string + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + runtimeClassName: + description: 'RuntimeClassName is the container runtime configuration + that containers should run under. More info: https://kubernetes.io/docs/concepts/containers/runtime-class' + type: string + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present + in container.securityContext. Field values of container.securityContext + take precedence over field values of PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow + the Kubelet to change the ownership of that volume to + be owned by the pod: \n 1. The owning GID will be the + FSGroup 2. The setgid bit is set (new files created + in the volume will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the Kubelet + will not modify the ownership and permissions of any + volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of + changing ownership and permission of the volume before + being exposed inside Pod. This field will only apply + to volume types which support fsGroup based ownership(and + permissions). It will have no effect on ephemeral volume + types such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If not specified, + "Always" is used. Note that this field cannot be set + when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if it + does. If unset or false, no such validation will be + performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence + for that container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all + containers. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. The + profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's + configured seccomp profile location. Must only be + set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n Localhost + - a profile defined in a file on the node should + be used. RuntimeDefault - the container runtime + default profile should be used. Unconfined - no + profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process + run in each container, in addition to the container's + primary GID. If unspecified, no groups will be added + to any container. Note that this field cannot be set + when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls + used for the pod. Pods with unsupported sysctls (by + the container runtime) might fail to launch. Note that + this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be + set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options within a + container's SecurityContext will be used. If set in + both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of + the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored by + components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the Pod. + All of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + serviceAccountName: + type: string + sidecarContainers: + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraint: + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | + - if MaxSkew is 1, incoming pod can only be scheduled + to zone3 to become 1/1/1; scheduling it onto zone1(zone2) + would make the ActualSkew(2-0) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod can be + scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default value + is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and try + to put balanced number of pods into each bucket. It's + a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving + higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate "MaxSkew" + on some topology. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P + | P | P | If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) + satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make + it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeMounts: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves + similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumeSizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + volumeStorageMedium: + type: string + volumes: + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'The partition in the volume that you + want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the + volume partition for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the + ReadOnly property in VolumeMounts to "true". If + omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource + in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, + Read Write.' + type: string + diskName: + description: The Name of the data disk in the blob + storage + type: string + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob + disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed + data disk (only in managed availability set). + defaults to shared' + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure + Storage Account Name and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to + key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to + the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be + a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object + containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This + might be in conflict with other options that affect + the file mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: Driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: Filesystem type to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty value + is passed to the associated CSI driver which will + determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should + back this directory. The default is "" which means + to use the node''s default medium. Must be an + empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'Total amount of local storage required + for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage + on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and + the sum of memory limits of all containers in + a pod. The default is nil which means that the + limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "Ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is + specified through a storage class, and d) the storage + driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between + this volume type and PersistentVolumeClaim). \n + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'AccessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'This field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + If the AnyVolumeDataSource feature gate + is enabled, this field will always have + the same contents as the DataSourceRef + field.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'Specifies the object from + which to populate the volume with data, + if a non-empty volume is desired. This + may be any local object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the DataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, both fields (DataSource + and DataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. There + are two important differences between + DataSource and DataSourceRef: * While + DataSource only allows two specific types + of objects, DataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed + values (dropping them), DataSourceRef preserves + all values, and generates an error if + a disallowed value is specified. (Alpha) + Using this field requires the AnyVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: VolumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: FC represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be + a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names + (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: Driver is the name of the driver to + use for this volume. + type: string + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if + any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to + the secret object containing sensitive information + to pass to the plugin scripts. This may be empty + if no secret object is specified. If the secret + object contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored as metadata + -> name on the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. This is unique + identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'The partition in the volume that you + want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the + volume partition for /dev/sda is "0" (or you can + leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: Target directory name. Must not contain + or start with '..'. If '.' is supplied, the volume + directory will be the git repository. Otherwise, + if specified, the volume will contain the git + repository in the subdirectory with the given + name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name + that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP + authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP + authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : + will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI + transport. Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal + is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and + 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator + authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. The Portal is + either an IP or ip_addr:port if the port is other + than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: Mode bits used to set permissions on + created files by default. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Directories within the path are not affected + by this setting. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: information about the configMap + data to project + properties: + items: + description: If unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the + volume as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or + start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits + used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative path of + the file to map the key to. May + not be an absolute path. May not + contain the path element '..'. + May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret + data to project + properties: + items: + description: If unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and + content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or + start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits + used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative path of + the file to map the key to. May + not be an absolute path. May not + contain the path element '..'. + May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative + to the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default + is no group + type: string + readOnly: + description: ReadOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: Registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: User to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: Volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + user: + description: 'The rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the ScaleIO API + Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection + Domain for the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a + volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: The name of the storage system as configured + in ScaleIO. + type: string + volumeName: + description: The name of a volume already created + in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This + might be in conflict with other options that affect + the file mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys + must be defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace + to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) + profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) + profile name. + type: string + volumePath: + description: Path that identifies vSphere volume + vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + workDir: + type: string + type: object + type: object + required: + - template + type: object + status: + properties: + availableReplicas: + description: AvailableReplicas is the total number of available runners + which have been successfully registered to GitHub and still running. + This corresponds to the sum of status.availableReplicas of all the + runner replica sets. + type: integer + desiredReplicas: + description: DesiredReplicas is the total number of desired, non-terminated + and latest pods to be set for the primary RunnerSet This doesn't + include outdated pods while upgrading the deployment and replacing + the runnerset. + type: integer + readyReplicas: + description: ReadyReplicas is the total number of available runners + which have been successfully registered to GitHub and still running. + This corresponds to the sum of status.readyReplicas of all the runner + replica sets. + type: integer + replicas: + description: Replicas is the total number of replicas + type: integer + updatedReplicas: + description: ReadyReplicas is the total number of available runners + which have been successfully registered to GitHub and still running. + This corresponds to status.replicas of the runner replica set that + has the desired template hash. + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: runnerreplicasets.actions.summerwind.dev +spec: + group: actions.summerwind.dev + names: + kind: RunnerReplicaSet + listKind: RunnerReplicaSetList + plural: runnerreplicasets + shortNames: + - rrs + singular: runnerreplicaset + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.replicas + name: Desired + type: number + - jsonPath: .status.replicas + name: Current + type: number + - jsonPath: .status.readyReplicas + name: Ready + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: RunnerReplicaSet is the Schema for the runnerreplicasets API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RunnerReplicaSetSpec defines the desired state of RunnerReplicaSet + properties: + effectiveTime: + description: EffectiveTime is the time the upstream controller requested + to sync Replicas. It is usually populated by the webhook-based autoscaler + via HRA and RunnerDeployment. The value is used to prevent runnerreplicaset + controller from unnecessarily recreating ephemeral runners based + on potentially outdated Replicas value. + format: date-time + nullable: true + type: string + replicas: + nullable: true + type: integer + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: RunnerSpec defines the desired state of Runner + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + This field is beta-level and is only honored + when PodAffinityNamespaceSelector feature + is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. This + field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + This field is beta-level and is only honored + when PodAffinityNamespaceSelector feature + is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. This + field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + items: + description: PodDNSConfig defines the DNS parameters of + a pod in addition to those generated from DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. + This will be appended to the base nameservers generated + from DNSPolicy. Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This will + be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options + given in Options will override those that appear in + the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver + options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name + lookup. This will be appended to the base search paths + generated from DNSPolicy. Duplicated search paths + will be removed. + items: + type: string + type: array + type: object + type: array + dockerEnabled: + type: boolean + dockerEnv: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables + in the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + dockerMTU: + format: int64 + type: integer + dockerRegistryMirror: + type: string + dockerVolumeMounts: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves + similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + dockerdContainerResources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + dockerdWithinRunnerContainer: + type: boolean + enableServiceLinks: + type: boolean + enterprise: + pattern: ^[^/]+$ + type: string + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables + in the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + ephemeral: + type: boolean + ephemeralContainers: + items: + description: "An EphemeralContainer is a temporary container + that you may add to an existing Pod for user-initiated + activities such as debugging. Ephemeral containers have + no resource or scheduling guarantees, and they will not + be restarted when they exit or when a Pod is removed or + restarted. The kubelet may evict a Pod if an ephemeral + container causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers may + not be removed or restarted. \n This is a beta feature + available on clusters that haven't disabled the EphemeralContainers + feature gate." + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified + as a DNS_LABEL. This name must be unique among all + containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'Optional: SecurityContext defines the + security options the ephemeral container should be + run with. If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container from + PodSpec that this ephemeral container targets. The + ephemeral container will be run in the namespaces + (IPC, PID, etc) of this container. If not set then + the ephemeral container uses the namespaces configured + in the Pod spec. \n The container runtime must implement + support for this feature. If the runtime does not + support namespace targeting then the result of setting + this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed for ephemeral + containers. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + group: + type: string + hostAliases: + items: + description: HostAlias holds the mapping between IP and + hostnames that will be injected as an entry in the pod's + hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + image: + type: string + imagePullPolicy: + description: PullPolicy describes a policy for if/when to + pull a container image + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + labels: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + organization: + pattern: ^[^/]+$ + type: string + repository: + pattern: ^[^/]+/[^/]+$ + type: string + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + runtimeClassName: + description: 'RuntimeClassName is the container runtime configuration + that containers should run under. More info: https://kubernetes.io/docs/concepts/containers/runtime-class' + type: string + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present + in container.securityContext. Field values of container.securityContext + take precedence over field values of PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow + the Kubelet to change the ownership of that volume to + be owned by the pod: \n 1. The owning GID will be the + FSGroup 2. The setgid bit is set (new files created + in the volume will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the Kubelet + will not modify the ownership and permissions of any + volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of + changing ownership and permission of the volume before + being exposed inside Pod. This field will only apply + to volume types which support fsGroup based ownership(and + permissions). It will have no effect on ephemeral volume + types such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If not specified, + "Always" is used. Note that this field cannot be set + when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if it + does. If unset or false, no such validation will be + performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence + for that container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all + containers. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. The + profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's + configured seccomp profile location. Must only be + set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n Localhost + - a profile defined in a file on the node should + be used. RuntimeDefault - the container runtime + default profile should be used. Unconfined - no + profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process + run in each container, in addition to the container's + primary GID. If unspecified, no groups will be added + to any container. Note that this field cannot be set + when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls + used for the pod. Pods with unsupported sysctls (by + the container runtime) might fail to launch. Note that + this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be + set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options within a + container's SecurityContext will be used. If set in + both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of + the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored by + components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the Pod. + All of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + serviceAccountName: + type: string + sidecarContainers: + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraint: + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | + - if MaxSkew is 1, incoming pod can only be scheduled + to zone3 to become 1/1/1; scheduling it onto zone1(zone2) + would make the ActualSkew(2-0) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod can be + scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default value + is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and try + to put balanced number of pods into each bucket. It's + a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving + higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate "MaxSkew" + on some topology. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P + | P | P | If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) + satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make + it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeMounts: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves + similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumeSizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + volumeStorageMedium: + type: string + volumes: + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'The partition in the volume that you + want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the + volume partition for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the + ReadOnly property in VolumeMounts to "true". If + omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource + in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, + Read Write.' + type: string + diskName: + description: The Name of the data disk in the blob + storage + type: string + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob + disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed + data disk (only in managed availability set). + defaults to shared' + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure + Storage Account Name and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to + key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to + the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be + a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object + containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This + might be in conflict with other options that affect + the file mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: Driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: Filesystem type to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty value + is passed to the associated CSI driver which will + determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should + back this directory. The default is "" which means + to use the node''s default medium. Must be an + empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'Total amount of local storage required + for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage + on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and + the sum of memory limits of all containers in + a pod. The default is nil which means that the + limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "Ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is + specified through a storage class, and d) the storage + driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between + this volume type and PersistentVolumeClaim). \n + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'AccessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'This field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + If the AnyVolumeDataSource feature gate + is enabled, this field will always have + the same contents as the DataSourceRef + field.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'Specifies the object from + which to populate the volume with data, + if a non-empty volume is desired. This + may be any local object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the DataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, both fields (DataSource + and DataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. There + are two important differences between + DataSource and DataSourceRef: * While + DataSource only allows two specific types + of objects, DataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed + values (dropping them), DataSourceRef preserves + all values, and generates an error if + a disallowed value is specified. (Alpha) + Using this field requires the AnyVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: VolumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: FC represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be + a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names + (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: Driver is the name of the driver to + use for this volume. + type: string + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if + any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to + the secret object containing sensitive information + to pass to the plugin scripts. This may be empty + if no secret object is specified. If the secret + object contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored as metadata + -> name on the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. This is unique + identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'The partition in the volume that you + want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the + volume partition for /dev/sda is "0" (or you can + leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: Target directory name. Must not contain + or start with '..'. If '.' is supplied, the volume + directory will be the git repository. Otherwise, + if specified, the volume will contain the git + repository in the subdirectory with the given + name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name + that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP + authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP + authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : + will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI + transport. Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal + is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and + 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator + authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. The Portal is + either an IP or ip_addr:port if the port is other + than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: Mode bits used to set permissions on + created files by default. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Directories within the path are not affected + by this setting. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: information about the configMap + data to project + properties: + items: + description: If unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the + volume as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or + start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits + used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative path of + the file to map the key to. May + not be an absolute path. May not + contain the path element '..'. + May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret + data to project + properties: + items: + description: If unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and + content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or + start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits + used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative path of + the file to map the key to. May + not be an absolute path. May not + contain the path element '..'. + May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative + to the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default + is no group + type: string + readOnly: + description: ReadOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: Registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: User to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: Volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + user: + description: 'The rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the ScaleIO API + Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection + Domain for the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a + volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: The name of the storage system as configured + in ScaleIO. + type: string + volumeName: + description: The name of a volume already created + in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This + might be in conflict with other options that affect + the file mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys + must be defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace + to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) + profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) + profile name. + type: string + volumePath: + description: Path that identifies vSphere volume + vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + workDir: + type: string + type: object + type: object + required: + - template + type: object + status: + properties: + availableReplicas: + description: AvailableReplicas is the number of runners that are created + and Runnning. This is currently same as ReadyReplicas but perserved + for future use. + type: integer + readyReplicas: + description: ReadyReplicas is the number of runners that are created + and Runnning. + type: integer + replicas: + description: Replicas is the number of runners that are created and + still being managed by this runner replica set. + type: integer + required: + - availableReplicas + - readyReplicas + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: runners.actions.summerwind.dev +spec: + group: actions.summerwind.dev + names: + kind: Runner + listKind: RunnerList + plural: runners + singular: runner + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.enterprise + name: Enterprise + type: string + - jsonPath: .spec.organization + name: Organization + type: string + - jsonPath: .spec.repository + name: Repository + type: string + - jsonPath: .spec.labels + name: Labels + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: Runner is the Schema for the runners API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RunnerSpec defines the desired state of Runner + properties: + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is beta-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is beta-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about + the network connections a container uses, but is primarily + informational. Not specifying a port here DOES NOT prevent + that port from being exposed. Any port which is listening + on the default "0.0.0.0" address inside a container will be + accessible from the network. Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + items: + description: PodDNSConfig defines the DNS parameters of a pod in + addition to those generated from DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. This will + be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This will be merged + with the base options generated from DNSPolicy. Duplicated + entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from + DNSPolicy. Duplicated search paths will be removed. + items: + type: string + type: array + type: object + type: array + dockerEnabled: + type: boolean + dockerEnv: + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + dockerMTU: + format: int64 + type: integer + dockerRegistryMirror: + type: string + dockerVolumeMounts: + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + dockerdContainerResources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + dockerdWithinRunnerContainer: + type: boolean + enableServiceLinks: + type: boolean + enterprise: + pattern: ^[^/]+$ + type: string + env: + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + type: object + type: array + ephemeral: + type: boolean + ephemeralContainers: + items: + description: "An EphemeralContainer is a temporary container that + you may add to an existing Pod for user-initiated activities such + as debugging. Ephemeral containers have no resource or scheduling + guarantees, and they will not be restarted when they exit or when + a Pod is removed or restarted. The kubelet may evict a Pod if + an ephemeral container causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers may not be + removed or restarted. \n This is a beta feature available on clusters + that haven't disabled the EphemeralContainers feature gate." + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral containers. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified as a + DNS_LABEL. This name must be unique among all containers, + init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: Resources are not allowed for ephemeral containers. + Ephemeral containers use spare resources already allocated + to the pod. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'Optional: SecurityContext defines the security + options the ephemeral container should be run with. If set, + the fields of SecurityContext override the equivalent fields + of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container from PodSpec + that this ephemeral container targets. The ephemeral container + will be run in the namespaces (IPC, PID, etc) of this container. + If not set then the ephemeral container uses the namespaces + configured in the Pod spec. \n The container runtime must + implement support for this feature. If the runtime does not + support namespace targeting then the result of setting this + field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Subpath mounts are not allowed for ephemeral containers. Cannot + be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + group: + type: string + hostAliases: + items: + description: HostAlias holds the mapping between IP and hostnames + that will be injected as an entry in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + image: + type: string + imagePullPolicy: + description: PullPolicy describes a policy for if/when to pull a container + image + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about + the network connections a container uses, but is primarily + informational. Not specifying a port here DOES NOT prevent + that port from being exposed. Any port which is listening + on the default "0.0.0.0" address inside a container will be + accessible from the network. Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + labels: + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + type: object + organization: + pattern: ^[^/]+$ + type: string + repository: + pattern: ^[^/]+/[^/]+$ + type: string + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + runtimeClassName: + description: 'RuntimeClassName is the container runtime configuration + that containers should run under. More info: https://kubernetes.io/docs/concepts/containers/runtime-class' + type: string + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies to all + containers in a pod. Some volume types allow the Kubelet to + change the ownership of that volume to be owned by the pod: + \n 1. The owning GID will be the FSGroup 2. The setgid bit is + set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- \n If unset, + the Kubelet will not modify the ownership and permissions of + any volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of changing + ownership and permission of the volume before being exposed + inside Pod. This field will only apply to volume types which + support fsGroup based ownership(and permissions). It will have + no effect on ephemeral volume types such as: secret, configmaps + and emptydir. Valid values are "OnRootMismatch" and "Always". + If not specified, "Always" is used. Note that this field cannot + be set when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field cannot + be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies to + the container. + type: string + role: + description: Role is a SELinux role label that applies to + the container. + type: string + type: + description: Type is a SELinux type label that applies to + the container. + type: string + user: + description: User is a SELinux user label that applies to + the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers in this + pod. Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile must be + preconfigured on the node to work. Must be a descending + path, relative to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - a profile + defined in a file on the node should be used. RuntimeDefault + - the container runtime default profile should be used. + Unconfined - no profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process run + in each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. Note + that this field cannot be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. Note that this field cannot be set when + spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is alpha-level + and will only be honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature flag + will result in errors when validating the Pod. All of a + Pod's containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, if HostProcess + is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: string + type: object + type: object + serviceAccountName: + type: string + sidecarContainers: + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about + the network connections a container uses, but is primarily + informational. Not specifying a port here DOES NOT prevent + that port from being exposed. Any port which is listening + on the default "0.0.0.0" address inside a container will be + accessible from the network. Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is an alpha field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraint: + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods + that match this label selector are counted to determine the + number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which pods may + be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global minimum. + For example, in a 3-zone cluster, MaxSkew is set to 1, and + pods with the same labelSelector spread as 1/1/0: | zone1 + | zone2 | zone3 | | P | P | | - if MaxSkew is + 1, incoming pod can only be scheduled to zone3 to become 1/1/1; + scheduling it onto zone1(zone2) would make the ActualSkew(2-0) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming + pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies that satisfy + it. It''s a required field. Default value is 1 and 0 is not + allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. Nodes that + have a label with this key and identical values are considered + to be in the same topology. We consider each + as a "bucket", and try to put balanced number of pods into + each bucket. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a + pod if it doesn''t satisfy the spread constraint. - DoNotSchedule + (default) tells the scheduler not to schedule it. - ScheduleAnyway + tells the scheduler to schedule the pod in any location, but + giving higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" for + an incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. For + example, in a 3-zone cluster, MaxSkew is set to 1, and pods + with the same labelSelector spread as 3/1/1: | zone1 | zone2 + | zone3 | | P P P | P | P | If WhenUnsatisfiable is + set to DoNotSchedule, incoming pod can only be scheduled to + zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on + zone2(zone3) satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make it *more* + imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumeMounts: + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumeSizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + volumeStorageMedium: + type: string + volumes: + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'The partition in the volume that you want + to mount. If omitted, the default is to mount by volume + name. Examples: For volume /dev/sda1, you specify the + partition as "1". Similarly, the volume partition for + /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the ReadOnly + property in VolumeMounts to "true". If omitted, the default + is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource + in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, Read Write.' + type: string + diskName: + description: The Name of the data disk in the blob storage + type: string + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob disks + per storage account Dedicated: single blob disk per storage + account Managed: azure managed data disk (only in managed + availability set). defaults to shared' + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure Storage + Account Name and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'Required: Monitors is a collection of Ceph + monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the mounted root, rather + than the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to key ring + for User, default is /etc/ceph/user.secret More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to the authentication + secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the rados user name, default + is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object containing + parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This might + be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair in the + Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to set permissions + on this file. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map + the key to. May not be an absolute path. May not + contain the path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its keys must + be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: Driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: Filesystem type to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed to + the associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only configuration for the + volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should back this + directory. The default is "" which means to use the node''s + default medium. Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'Total amount of local storage required for + this EmptyDir volume. The size limit is also applicable + for memory medium. The maximum usage on memory medium + EmptyDir would be the minimum value between the SizeLimit + specified here and the sum of memory limits of all containers + in a pod. The default is nil which means that the limit + is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "Ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver supports + dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on the + connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight local ephemeral + volumes if the CSI driver is meant to be used that way - see + the documentation of the driver for more information. \n A + pod can use both types of ephemeral volumes and persistent + volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'AccessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'This field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. If the AnyVolumeDataSource feature + gate is enabled, this field will always have the + same contents as the DataSourceRef field.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'Specifies the object from which to + populate the volume with data, if a non-empty + volume is desired. This may be any local object + from a non-empty API group (non core object) or + a PersistentVolumeClaim object. When this field + is specified, volume binding will only succeed + if the type of the specified object matches some + installed volume populator or dynamic provisioner. + This field will replace the functionality of the + DataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, both fields (DataSource + and DataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. There are two important differences + between DataSource and DataSourceRef: * While + DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as + well as PersistentVolumeClaim objects. * While + DataSource ignores disallowed values (dropping + them), DataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + (Alpha) Using this field requires the AnyVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: VolumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: FC represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: Driver is the name of the driver to use for + this volume. + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to the secret + object containing sensitive information to pass to the + plugin scripts. This may be empty if no secret object + is specified. If the secret object contains more than + one secret, all secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: Name of the dataset stored as metadata -> name + on the dataset for Flocker should be considered as deprecated + type: string + datasetUUID: + description: UUID of the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'The partition in the volume that you want + to mount. If omitted, the default is to mount by volume + name. Examples: For volume /dev/sda1, you specify the + partition as "1". Similarly, the volume partition for + /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in GCE. Used + to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: Target directory name. Must not contain or + start with '..'. If '.' is supplied, the volume directory + will be the git repository. Otherwise, if specified, + the volume will contain the git repository in the subdirectory + with the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, new iSCSI + interface : will be created + for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal is either + an IP or ip_addr:port if the port is other than default + (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator + authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. The Portal is either an + IP or ip_addr:port if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon Controller persistent + disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, configmaps, + and downward API + properties: + defaultMode: + description: Mode bits used to set permissions on created + files by default. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values + for mode bits. Directories within the path are not affected + by this setting. This might be in conflict with other + options that affect the file mode, like fsGroup, and the + result can be other mode bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: information about the configMap data + to project + properties: + items: + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element + '..'. May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI data + to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret data to + project + properties: + items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose + name is the key and content is the value. If + specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element + '..'. May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default is no + group + type: string + readOnly: + description: ReadOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: Registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: User to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: Volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. Default is rbd. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + user: + description: 'The rados user name. Default is admin. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: The host address of the ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection Domain for + the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable SSL communication with + Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a volume + should be ThickProvisioned or ThinProvisioned. Default + is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool associated with the + protection domain. + type: string + system: + description: The name of the storage system as configured + in ScaleIO. + type: string + volumeName: + description: The name of a volume already created in the + ScaleIO system that is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This might + be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair in the + Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to set permissions + on this file. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map + the key to. May not be an absolute path. May not + contain the path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys must + be defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace + to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: Path that identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + workDir: + type: string + type: object + status: + description: RunnerStatus defines the observed state of Runner + properties: + lastRegistrationCheckTime: + format: date-time + nullable: true + type: string + message: + type: string + phase: + type: string + reason: + type: string + registration: + description: RunnerStatusRegistration contains runner registration + status + properties: + enterprise: + type: string + expiresAt: + format: date-time + type: string + labels: + items: + type: string + type: array + organization: + type: string + repository: + type: string + token: + type: string + required: + - expiresAt + - token + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: runnersets.actions.summerwind.dev +spec: + group: actions.summerwind.dev + names: + kind: RunnerSet + listKind: RunnerSetList + plural: runnersets + singular: runnerset + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.replicas + name: Desired + type: number + - jsonPath: .status.replicas + name: Current + type: number + - jsonPath: .status.updatedReplicas + name: Up-To-Date + type: number + - jsonPath: .status.availableReplicas + name: Available + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: RunnerSet is the Schema for the runnersets API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RunnerSetSpec defines the desired state of RunnerSet + properties: + dockerEnabled: + type: boolean + dockerMTU: + format: int64 + type: integer + dockerRegistryMirror: + type: string + dockerdWithinRunnerContainer: + type: boolean + effectiveTime: + description: EffectiveTime is the time the upstream controller requested + to sync Replicas. It is usually populated by the webhook-based autoscaler + via HRA. It is used to prevent ephemeral runners from unnecessarily + recreated. + format: date-time + nullable: true + type: string + enterprise: + pattern: ^[^/]+$ + type: string + ephemeral: + type: boolean + group: + type: string + image: + type: string + labels: + items: + type: string + type: array + minReadySeconds: + description: Minimum number of seconds for which a newly created pod + should be ready without any of its container crashing for it to + be considered available. Defaults to 0 (pod will be considered available + as soon as it is ready) This is an alpha field and requires enabling + StatefulSetMinReadySeconds feature gate. + format: int32 + type: integer + organization: + pattern: ^[^/]+$ + type: string + persistentVolumeClaimRetentionPolicy: + description: persistentVolumeClaimRetentionPolicy describes the lifecycle + of persistent volume claims created from volumeClaimTemplates. By + default, all persistent volume claims are created as needed and + retained until manually deleted. This policy allows the lifecycle + to be altered, for example by deleting persistent volume claims + when their stateful set is deleted, or when their pod is scaled + down. This requires the StatefulSetAutoDeletePVC feature gate to + be enabled, which is alpha. +optional + properties: + whenDeleted: + description: WhenDeleted specifies what happens to PVCs created + from StatefulSet VolumeClaimTemplates when the StatefulSet is + deleted. The default policy of `Retain` causes PVCs to not be + affected by StatefulSet deletion. The `Delete` policy causes + those PVCs to be deleted. + type: string + whenScaled: + description: WhenScaled specifies what happens to PVCs created + from StatefulSet VolumeClaimTemplates when the StatefulSet is + scaled down. The default policy of `Retain` causes PVCs to not + be affected by a scaledown. The `Delete` policy causes the associated + PVCs for any excess pods above the replica count to be deleted. + type: string + type: object + podManagementPolicy: + description: podManagementPolicy controls how pods are created during + initial scale up, when replacing pods on nodes, or when scaling + down. The default policy is `OrderedReady`, where pods are created + in increasing order (pod-0, then pod-1, etc) and the controller + will wait until each pod is ready before continuing. When scaling + down, the pods are removed in the opposite order. The alternative + policy is `Parallel` which will create pods in parallel to match + the desired scale without waiting, and on scale down will delete + all pods at once. + type: string + replicas: + description: 'replicas is the desired number of replicas of the given + Template. These are replicas in the sense that they are instantiations + of the same Template, but individual replicas also have a consistent + identity. If unspecified, defaults to 1. TODO: Consider a rename + of this field.' + format: int32 + type: integer + repository: + pattern: ^[^/]+/[^/]+$ + type: string + revisionHistoryLimit: + description: revisionHistoryLimit is the maximum number of revisions + that will be maintained in the StatefulSet's revision history. The + revision history consists of all revisions not represented by a + currently applied StatefulSetSpec version. The default value is + 10. + format: int32 + type: integer + selector: + description: 'selector is a label query over pods that should match + the replica count. It must match the pod template''s labels. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + serviceName: + description: 'serviceName is the name of the service that governs + this StatefulSet. This service must exist before the StatefulSet, + and is responsible for the network identity of the set. Pods get + DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local + where "pod-specific-string" is managed by the StatefulSet controller.' + type: string + template: + description: template is the object that describes the pod that will + be created if insufficient replicas are detected. Each pod stamped + out by the StatefulSet will fulfill this Template, but have a unique + identity from the rest of the StatefulSet. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'Specification of the desired behavior of the pod. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + activeDeadlineSeconds: + description: Optional duration in seconds the pod may be active + on the node relative to StartTime before the system will + actively try to mark it failed and kill associated containers. + Value must be a positive integer. + format: int64 + type: integer + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + This field is beta-level and is only honored + when PodAffinityNamespaceSelector feature + is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. This + field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + This field is beta-level and is only honored + when PodAffinityNamespaceSelector feature + is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. This + field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + description: AutomountServiceAccountToken indicates whether + a service account token should be automatically mounted. + type: boolean + containers: + description: List of containers belonging to the pod. Containers + cannot currently be added or removed. There must be at least + one container in a Pod. Cannot be updated. + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + description: Specifies the DNS parameters of a pod. Parameters + specified here will be merged to the generated DNS configuration + based on DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. This + will be appended to the base nameservers generated from + DNSPolicy. Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This will + be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options + given in Options will override those that appear in + the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver + options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name + lookup. This will be appended to the base search paths + generated from DNSPolicy. Duplicated search paths will + be removed. + items: + type: string + type: array + type: object + dnsPolicy: + description: Set DNS policy for the pod. Defaults to "ClusterFirst". + Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', + 'Default' or 'None'. DNS parameters given in DNSConfig will + be merged with the policy selected with DNSPolicy. To have + DNS options set along with hostNetwork, you have to specify + DNS policy explicitly to 'ClusterFirstWithHostNet'. + type: string + enableServiceLinks: + description: 'EnableServiceLinks indicates whether information + about services should be injected into pod''s environment + variables, matching the syntax of Docker links. Optional: + Defaults to true.' + type: boolean + ephemeralContainers: + description: List of ephemeral containers run in this pod. + Ephemeral containers may be run in an existing pod to perform + user-initiated actions such as debugging. This list cannot + be specified when creating a pod, and it cannot be modified + by updating the pod spec. In order to add an ephemeral container + to an existing pod, use the pod's ephemeralcontainers subresource. + This field is beta-level and available on clusters that + haven't disabled the EphemeralContainers feature gate. + items: + description: "An EphemeralContainer is a temporary container + that you may add to an existing Pod for user-initiated + activities such as debugging. Ephemeral containers have + no resource or scheduling guarantees, and they will not + be restarted when they exit or when a Pod is removed or + restarted. The kubelet may evict a Pod if an ephemeral + container causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers may + not be removed or restarted. \n This is a beta feature + available on clusters that haven't disabled the EphemeralContainers + feature gate." + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified + as a DNS_LABEL. This name must be unique among all + containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'Optional: SecurityContext defines the + security options the ephemeral container should be + run with. If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container from + PodSpec that this ephemeral container targets. The + ephemeral container will be run in the namespaces + (IPC, PID, etc) of this container. If not set then + the ephemeral container uses the namespaces configured + in the Pod spec. \n The container runtime must implement + support for this feature. If the runtime does not + support namespace targeting then the result of setting + this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed for ephemeral + containers. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + hostAliases: + description: HostAliases is an optional list of hosts and + IPs that will be injected into the pod's hosts file if specified. + This is only valid for non-hostNetwork pods. + items: + description: HostAlias holds the mapping between IP and + hostnames that will be injected as an entry in the pod's + hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + hostIPC: + description: 'Use the host''s ipc namespace. Optional: Default + to false.' + type: boolean + hostNetwork: + description: Host networking requested for this pod. Use the + host's network namespace. If this option is set, the ports + that will be used must be specified. Default to false. + type: boolean + hostPID: + description: 'Use the host''s pid namespace. Optional: Default + to false.' + type: boolean + hostname: + description: Specifies the hostname of the Pod If not specified, + the pod's hostname will be set to a system-defined value. + type: string + imagePullSecrets: + description: 'ImagePullSecrets is an optional list of references + to secrets in the same namespace to use for pulling any + of the images used by this PodSpec. If specified, these + secrets will be passed to individual puller implementations + for them to use. For example, in the case of docker, only + DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + description: 'List of initialization containers belonging + to the pod. Init containers are executed in order prior + to containers being started. If any init container fails, + the pod is considered to have failed and is handled according + to its restartPolicy. The name for an init container or + normal container must be unique among all containers. Init + containers may not have Lifecycle actions, Readiness probes, + Liveness probes, or Startup probes. The resourceRequirements + of an init container are taken into account during scheduling + by finding the highest request/limit for each resource type, + and then using the max of of that value or the sum of the + normal containers. Limits are applied to init containers + in a similar fashion. Init containers cannot currently be + added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The docker image''s ENTRYPOINT is used if + this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Exposing a port here gives the system additional information + about the network connections a container uses, but + is primarily informational. Not specifying a port + here DOES NOT prevent that port from being exposed. + Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from + the network. Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is an alpha field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + nodeName: + description: NodeName is a request to schedule this pod onto + a specific node. If it is non-empty, the scheduler simply + schedules this pod onto that node, assuming that it fits + resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true + for the pod to fit on a node. Selector which must match + a node''s labels for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + os: + description: "Specifies the OS of the containers in the pod. + Some pod and container fields are restricted if this is + set. \n If the OS field is set to linux, the following fields + must be unset: -securityContext.windowsOptions \n If the + OS field is set to windows, following fields must be unset: + - spec.hostPID - spec.hostIPC - spec.securityContext.seLinuxOptions + - spec.securityContext.seccompProfile - spec.securityContext.fsGroup + - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls + - spec.shareProcessNamespace - spec.securityContext.runAsUser + - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups + - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser + - spec.containers[*].securityContext.runAsGroup This is + an alpha field and requires the IdentifyPodOS feature" + properties: + name: + description: 'Name is the name of the operating system. + The currently supported values are linux and windows. + Additional value may be defined in future and can be + one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values and + treat unrecognized values in this field as os: null' + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Overhead represents the resource overhead associated + with running a pod for a given RuntimeClass. This field + will be autopopulated at admission time by the RuntimeClass + admission controller. If the RuntimeClass admission controller + is enabled, overhead must not be set in Pod create requests. + The RuntimeClass admission controller will reject Pod create + requests which have the overhead already set. If RuntimeClass + is configured and selected in the PodSpec, Overhead will + be set to the value defined in the corresponding RuntimeClass, + otherwise it will remain unset and treated as zero. More + info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md + This field is beta-level as of Kubernetes v1.18, and is + only honored by servers that enable the PodOverhead feature.' + type: object + preemptionPolicy: + description: PreemptionPolicy is the Policy for preempting + pods with lower priority. One of Never, PreemptLowerPriority. + Defaults to PreemptLowerPriority if unset. This field is + beta-level, gated by the NonPreemptingPriority feature-gate. + type: string + priority: + description: The priority value. Various system components + use this field to find the priority of the pod. When Priority + Admission Controller is enabled, it prevents users from + setting this field. The admission controller populates this + field from PriorityClassName. The higher the value, the + higher the priority. + format: int32 + type: integer + priorityClassName: + description: If specified, indicates the pod's priority. "system-node-critical" + and "system-cluster-critical" are two special keywords which + indicate the highest priorities with the former being the + highest priority. Any other name must be defined by creating + a PriorityClass object with that name. If not specified, + the pod priority will be default or zero if there is no + default. + type: string + readinessGates: + description: 'If specified, all readiness gates will be evaluated + for pod readiness. A pod is ready when all its containers + are ready AND all conditions specified in the readiness + gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + items: + description: PodReadinessGate contains the reference to + a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in + the pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + description: 'Restart policy for all containers within the + pod. One of Always, OnFailure, Never. Default to Always. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' + type: string + runtimeClassName: + description: 'RuntimeClassName refers to a RuntimeClass object + in the node.k8s.io group, which should be used to run this + pod. If no RuntimeClass resource matches the named class, + the pod will not be run. If unset or empty, the "legacy" + RuntimeClass will be used, which is an implicit class with + an empty definition that uses the default runtime handler. + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class + This is a beta feature as of Kubernetes v1.14.' + type: string + schedulerName: + description: If specified, the pod will be dispatched by specified + scheduler. If not specified, the pod will be dispatched + by default scheduler. + type: string + securityContext: + description: 'SecurityContext holds pod-level security attributes + and common container settings. Optional: Defaults to empty. See + type description for default values of each field.' + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow + the Kubelet to change the ownership of that volume to + be owned by the pod: \n 1. The owning GID will be the + FSGroup 2. The setgid bit is set (new files created + in the volume will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the Kubelet + will not modify the ownership and permissions of any + volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of + changing ownership and permission of the volume before + being exposed inside Pod. This field will only apply + to volume types which support fsGroup based ownership(and + permissions). It will have no effect on ephemeral volume + types such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If not specified, + "Always" is used. Note that this field cannot be set + when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if it + does. If unset or false, no such validation will be + performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence + for that container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all + containers. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. The + profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's + configured seccomp profile location. Must only be + set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n Localhost + - a profile defined in a file on the node should + be used. RuntimeDefault - the container runtime + default profile should be used. Unconfined - no + profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process + run in each container, in addition to the container's + primary GID. If unspecified, no groups will be added + to any container. Note that this field cannot be set + when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls + used for the pod. Pods with unsupported sysctls (by + the container runtime) might fail to launch. Note that + this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be + set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options within a + container's SecurityContext will be used. If set in + both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of + the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored by + components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the Pod. + All of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + serviceAccount: + description: 'DeprecatedServiceAccount is a depreciated alias + for ServiceAccountName. Deprecated: Use serviceAccountName + instead.' + type: string + serviceAccountName: + description: 'ServiceAccountName is the name of the ServiceAccount + to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + type: string + setHostnameAsFQDN: + description: If true the pod's hostname will be configured + as the pod's FQDN, rather than the leaf name (the default). + In Linux containers, this means setting the FQDN in the + hostname field of the kernel (the nodename field of struct + utsname). In Windows containers, this means setting the + registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. If a pod does not have FQDN, this has no effect. + Default to false. + type: boolean + shareProcessNamespace: + description: 'Share a single process namespace between all + of the containers in a pod. When this is set containers + will be able to view and signal processes from other containers + in the same pod, and the first process in each container + will not be assigned PID 1. HostPID and ShareProcessNamespace + cannot both be set. Optional: Default to false.' + type: boolean + subdomain: + description: If specified, the fully qualified Pod hostname + will be "...svc.". If not specified, the pod will not have a domainname + at all. + type: string + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to + terminate gracefully. May be decreased in delete request. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). If this value is nil, the default grace period + will be used instead. The grace period is the duration in + seconds after the processes running in the pod are sent + a termination signal and the time when the processes are + forcibly halted with a kill signal. Set this value longer + than the expected cleanup time for your process. Defaults + to 30 seconds. + format: int64 + type: integer + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group + of pods ought to spread across topology domains. Scheduler + will schedule pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | + - if MaxSkew is 1, incoming pod can only be scheduled + to zone3 to become 1/1/1; scheduling it onto zone1(zone2) + would make the ActualSkew(2-0) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod can be + scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default value + is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and try + to put balanced number of pods into each bucket. It's + a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving + higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate "MaxSkew" + on some topology. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P + | P | P | If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) + satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make + it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + description: 'List of volumes that can be mounted by containers + belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'The partition in the volume that you + want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the + volume partition for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the + ReadOnly property in VolumeMounts to "true". If + omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource + in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, + Read Write.' + type: string + diskName: + description: The Name of the data disk in the blob + storage + type: string + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob + disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed + data disk (only in managed availability set). + defaults to shared' + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure + Storage Account Name and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to + key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to + the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be + a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object + containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This + might be in conflict with other options that affect + the file mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: Driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: Filesystem type to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty value + is passed to the associated CSI driver which will + determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should + back this directory. The default is "" which means + to use the node''s default medium. Must be an + empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'Total amount of local storage required + for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage + on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and + the sum of memory limits of all containers in + a pod. The default is nil which means that the + limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "Ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + \ tracking are needed, c) the storage driver is + specified through a storage class, and d) the storage + driver supports dynamic volume provisioning through + \ a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between + this volume type and PersistentVolumeClaim). \n + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'AccessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'This field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + If the AnyVolumeDataSource feature gate + is enabled, this field will always have + the same contents as the DataSourceRef + field.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'Specifies the object from + which to populate the volume with data, + if a non-empty volume is desired. This + may be any local object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the DataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, both fields (DataSource + and DataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. There + are two important differences between + DataSource and DataSourceRef: * While + DataSource only allows two specific types + of objects, DataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed + values (dropping them), DataSourceRef preserves + all values, and generates an error if + a disallowed value is specified. (Alpha) + Using this field requires the AnyVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: VolumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: FC represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be + a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names + (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: Driver is the name of the driver to + use for this volume. + type: string + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if + any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to + the secret object containing sensitive information + to pass to the plugin scripts. This may be empty + if no secret object is specified. If the secret + object contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored as metadata + -> name on the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. This is unique + identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'The partition in the volume that you + want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the + volume partition for /dev/sda is "0" (or you can + leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: Target directory name. Must not contain + or start with '..'. If '.' is supplied, the volume + directory will be the git repository. Otherwise, + if specified, the volume will contain the git + repository in the subdirectory with the given + name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name + that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP + authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP + authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : + will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI + transport. Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal + is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and + 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator + authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. The Portal is + either an IP or ip_addr:port if the port is other + than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: Mode bits used to set permissions on + created files by default. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Directories within the path are not affected + by this setting. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: information about the configMap + data to project + properties: + items: + description: If unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the + volume as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or + start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits + used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative path of + the file to map the key to. May + not be an absolute path. May not + contain the path element '..'. + May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret + data to project + properties: + items: + description: If unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and + content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or + start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits + used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative path of + the file to map the key to. May + not be an absolute path. May not + contain the path element '..'. + May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative + to the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default + is no group + type: string + readOnly: + description: ReadOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: Registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: User to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: Volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + user: + description: 'The rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the ScaleIO API + Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection + Domain for the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a + volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: The name of the storage system as configured + in ScaleIO. + type: string + volumeName: + description: The name of a volume already created + in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits used to set permissions + on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within + the path are not affected by this setting. This + might be in conflict with other options that affect + the file mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits used to + set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys + must be defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace + to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a + filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) + profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) + profile name. + type: string + volumePath: + description: Path that identifies vSphere volume + vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + updateStrategy: + description: updateStrategy indicates the StatefulSetUpdateStrategy + that will be employed to update Pods in the StatefulSet when a revision + is made to Template. + properties: + rollingUpdate: + description: RollingUpdate is used to communicate parameters when + Type is RollingUpdateStatefulSetStrategyType. + properties: + partition: + description: Partition indicates the ordinal at which the + StatefulSet should be partitioned. Default value is 0. + format: int32 + type: integer + type: object + type: + description: Type indicates the type of the StatefulSetUpdateStrategy. + Default is RollingUpdate. + type: string + type: object + volumeClaimTemplates: + description: 'volumeClaimTemplates is a list of claims that pods are + allowed to reference. The StatefulSet controller is responsible + for mapping network identities to claims in a way that maintains + the identity of a pod. Every claim in this list must have at least + one matching (by name) volumeMount in one container in the template. + A claim in this list takes precedence over any volumes in the template, + with the same name. TODO: Define the behavior if a claim already + exists with the same name.' + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'Spec defines the desired characteristics of a + volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'This field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified data + source, it will create a new volume based on the contents + of the specified data source. If the AnyVolumeDataSource + feature gate is enabled, this field will always have the + same contents as the DataSourceRef field.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + dataSourceRef: + description: 'Specifies the object from which to populate + the volume with data, if a non-empty volume is desired. + This may be any local object from a non-empty API group + (non core object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will only succeed + if the type of the specified object matches some installed + volume populator or dynamic provisioner. This field will + replace the functionality of the DataSource field and + as such if both fields are non-empty, they must have the + same value. For backwards compatibility, both fields (DataSource + and DataSourceRef) will be set to the same value automatically + if one of them is empty and the other is non-empty. There + are two important differences between DataSource and DataSourceRef: + * While DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as well as + PersistentVolumeClaim objects. * While DataSource ignores + disallowed values (dropping them), DataSourceRef preserves + all values, and generates an error if a disallowed value + is specified. (Alpha) Using this field requires the + AnyVolumeDataSource feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but must + still be higher than capacity recorded in the status field + of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label query over volumes to consider for + binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: 'Status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: The storage resource within AllocatedResources + tracks the capacity allocated to a PVC. It may be larger + than the actual capacity when a volume expansion operation + is requested. For storage quota, the larger value from + allocatedResources and PVC.spec.resources is used. If + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation. If a volume expansion capacity + request is lowered, allocatedResources is only lowered + if there are no expansion operations in progress and if + the actual volume capacity is equal or lower than the + requested capacity. This is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature. + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType is + a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + resizeStatus: + description: ResizeStatus stores status of resize operation. + ResizeStatus is not set by default but when expansion + is complete resizeStatus is set to empty string by resize + controller or kubelet. This is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature. + type: string + type: object + type: object + type: array + volumeSizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + volumeStorageMedium: + type: string + workDir: + type: string + required: + - selector + - serviceName + - template + type: object + status: + properties: + availableReplicas: + description: AvailableReplicas is the total number of available runners + which have been successfully registered to GitHub and still running. + This corresponds to the sum of status.availableReplicas of all the + runner replica sets. + type: integer + desiredReplicas: + description: DesiredReplicas is the total number of desired, non-terminated + and latest pods to be set for the primary RunnerSet This doesn't + include outdated pods while upgrading the deployment and replacing + the runnerset. + type: integer + readyReplicas: + description: ReadyReplicas is the total number of available runners + which have been successfully registered to GitHub and still running. + This corresponds to the sum of status.readyReplicas of all the runner + replica sets. + type: integer + replicas: + description: Replicas is the total number of replicas + type: integer + updatedReplicas: + description: ReadyReplicas is the total number of available runners + which have been successfully registered to GitHub and still running. + This corresponds to status.replicas of the runner replica set that + has the desired template hash. + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: leader-election-role + namespace: actions-runner-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: manager-role +rules: +- apiGroups: + - actions.summerwind.dev + resources: + - horizontalrunnerautoscalers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - horizontalrunnerautoscalers/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - horizontalrunnerautoscalers/status + verbs: + - get + - patch + - update +- apiGroups: + - actions.summerwind.dev + resources: + - runnerdeployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runnerdeployments/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runnerdeployments/status + verbs: + - get + - patch + - update +- apiGroups: + - actions.summerwind.dev + resources: + - runnerreplicasets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runnerreplicasets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runnerreplicasets/status + verbs: + - get + - patch + - update +- apiGroups: + - actions.summerwind.dev + resources: + - runners + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runners/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runners/status + verbs: + - get + - patch + - update +- apiGroups: + - actions.summerwind.dev + resources: + - runnersets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runnersets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - actions.summerwind.dev + resources: + - runnersets/status + verbs: + - get + - patch + - update +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets/status + verbs: + - get + - patch + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - update +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: leader-election-rolebinding + namespace: actions-runner-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: actions-runner-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: actions-runner-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: actions-runner-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: actions-runner-system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: v1 +kind: Service +metadata: + name: webhook-service + namespace: actions-runner-system +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: controller-manager + namespace: actions-runner-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --metrics-addr=127.0.0.1:8080 + - --enable-leader-election + - --sync-period=10m + command: + - /manager + env: + - name: GITHUB_TOKEN + valueFrom: + secretKeyRef: + key: github_token + name: controller-manager + optional: true + - name: GITHUB_APP_ID + valueFrom: + secretKeyRef: + key: github_app_id + name: controller-manager + optional: true + - name: GITHUB_APP_INSTALLATION_ID + valueFrom: + secretKeyRef: + key: github_app_installation_id + name: controller-manager + optional: true + - name: GITHUB_APP_PRIVATE_KEY + value: /etc/actions-runner-controller/github_app_private_key + image: summerwind/actions-runner-controller:v0.22.0 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + - mountPath: /etc/actions-runner-controller + name: controller-manager + readOnly: true + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: quay.io/brancz/kube-rbac-proxy:v0.10.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert + - name: controller-manager + secret: + secretName: controller-manager +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: serving-cert + namespace: actions-runner-system +spec: + dnsNames: + - webhook-service.actions-runner-system.svc + - webhook-service.actions-runner-system.svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: actions-runner-system +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: actions-runner-system/serving-cert + name: mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /mutate-actions-summerwind-dev-v1alpha1-runner + failurePolicy: Fail + name: mutate.runner.actions.summerwind.dev + rules: + - apiGroups: + - actions.summerwind.dev + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - runners + sideEffects: None +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /mutate-actions-summerwind-dev-v1alpha1-runnerdeployment + failurePolicy: Fail + name: mutate.runnerdeployment.actions.summerwind.dev + rules: + - apiGroups: + - actions.summerwind.dev + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - runnerdeployments + sideEffects: None +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /mutate-actions-summerwind-dev-v1alpha1-runnerreplicaset + failurePolicy: Fail + name: mutate.runnerreplicaset.actions.summerwind.dev + rules: + - apiGroups: + - actions.summerwind.dev + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - runnerreplicasets + sideEffects: None +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /mutate-runner-set-pod + failurePolicy: Ignore + name: mutate-runner-pod.webhook.actions.summerwind.dev + rules: + - apiGroups: + - "" + apiVersions: + - v1 + operations: + - CREATE + resources: + - pods + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: actions-runner-system/serving-cert + name: validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /validate-actions-summerwind-dev-v1alpha1-runner + failurePolicy: Fail + name: validate.runner.actions.summerwind.dev + rules: + - apiGroups: + - actions.summerwind.dev + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - runners + sideEffects: None +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /validate-actions-summerwind-dev-v1alpha1-runnerdeployment + failurePolicy: Fail + name: validate.runnerdeployment.actions.summerwind.dev + rules: + - apiGroups: + - actions.summerwind.dev + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - runnerdeployments + sideEffects: None +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: actions-runner-system + path: /validate-actions-summerwind-dev-v1alpha1-runnerreplicaset + failurePolicy: Fail + name: validate.runnerreplicaset.actions.summerwind.dev + rules: + - apiGroups: + - actions.summerwind.dev + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - runnerreplicasets + sideEffects: None diff --git a/data/actions_actions-runner-controller/context.json b/data/actions_actions-runner-controller/context.json new file mode 100644 index 0000000000..43119fcae5 --- /dev/null +++ b/data/actions_actions-runner-controller/context.json @@ -0,0 +1,7510 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.7.0" + }, + "creationTimestamp": "2024-02-22T22:30:36Z", + "generation": 1, + "name": "runnerdeployments.actions.summerwind.dev", + "resourceVersion": "834", + "uid": "49dd185a-f176-494c-a1d5-f1635f98e5a2" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "actions.summerwind.dev", + "names": { + "kind": "RunnerDeployment", + "listKind": "RunnerDeploymentList", + "plural": "runnerdeployments", + "shortNames": [ + "rdeploy" + ], + "singular": "runnerdeployment" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "jsonPath": ".spec.replicas", + "name": "Desired", + "type": "number" + }, + { + "jsonPath": ".status.replicas", + "name": "Current", + "type": "number" + }, + { + "jsonPath": ".status.updatedReplicas", + "name": "Up-To-Date", + "type": "number" + }, + { + "jsonPath": ".status.availableReplicas", + "name": "Available", + "type": "number" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v1alpha1", + "schema": { + "openAPIV3Schema": { + "description": "RunnerDeployment is the Schema for the runnerdeployments API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "RunnerDeploymentSpec defines the desired state of RunnerDeployment", + "properties": { + "effectiveTime": { + "description": "EffectiveTime is the time the upstream controller requested to sync Replicas. It is usually populated by the webhook-based autoscaler via HRA. The value is inherited to RunnerRepicaSet(s) and used to prevent ephemeral runners from unnecessarily recreated.", + "format": "date-time", + "nullable": true, + "type": "string" + }, + "replicas": { + "nullable": true, + "type": "integer" + }, + "selector": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", + "nullable": true, + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "template": { + "properties": { + "metadata": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "RunnerSpec defines the desired state of Runner", + "properties": { + "affinity": { + "description": "Affinity is a group of affinity scheduling rules.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "automountServiceAccountToken": { + "type": "boolean" + }, + "containers": { + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "dnsConfig": { + "items": { + "description": "PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.", + "properties": { + "nameservers": { + "description": "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "description": "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", + "items": { + "description": "PodDNSConfigOption defines DNS resolver options of a pod.", + "properties": { + "name": { + "description": "Required.", + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "searches": { + "description": "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "dockerEnabled": { + "type": "boolean" + }, + "dockerEnv": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "dockerMTU": { + "format": "int64", + "type": "integer" + }, + "dockerRegistryMirror": { + "type": "string" + }, + "dockerVolumeMounts": { + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "dockerdContainerResources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "dockerdWithinRunnerContainer": { + "type": "boolean" + }, + "enableServiceLinks": { + "type": "boolean" + }, + "enterprise": { + "pattern": "^[^/]+$", + "type": "string" + }, + "env": { + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "ephemeral": { + "type": "boolean" + }, + "ephemeralContainers": { + "items": { + "description": "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted. \n This is a beta feature available on clusters that haven't disabled the EphemeralContainers feature gate.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Lifecycle is not allowed for ephemeral containers.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers.", + "type": "string" + }, + "ports": { + "description": "Ports are not allowed for ephemeral containers.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "targetContainerName": { + "description": "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.", + "type": "string" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "group": { + "type": "string" + }, + "hostAliases": { + "items": { + "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", + "properties": { + "hostnames": { + "description": "Hostnames for the above IP address.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ip": { + "description": "IP address of the host file entry.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "type": "string" + }, + "imagePullPolicy": { + "description": "PullPolicy describes a policy for if/when to pull a container image", + "type": "string" + }, + "imagePullSecrets": { + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "initContainers": { + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "labels": { + "items": { + "type": "string" + }, + "type": "array" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "organization": { + "pattern": "^[^/]+$", + "type": "string" + }, + "repository": { + "pattern": "^[^/]+/[^/]+$", + "type": "string" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "runtimeClassName": { + "description": "RuntimeClassName is the container runtime configuration that containers should run under. More info: https://kubernetes.io/docs/concepts/containers/runtime-class", + "type": "string" + }, + "securityContext": { + "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccountName": { + "type": "string" + }, + "sidecarContainers": { + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "tolerations": { + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraint": { + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeSizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "volumeStorageMedium": { + "type": "string" + }, + "volumes": { + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "Specify \"true\" to force and set the ReadOnly property in VolumeMounts to \"true\". If omitted, the default is \"false\". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "The Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "The URI the data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "AzureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "Share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "CephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "Optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "Cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "Optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeID": { + "description": "volume id used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "ConfigMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "The key to project.", + "type": "string" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "csi": { + "description": "CSI (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "Driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "readOnly": { + "description": "Specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "VolumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "DownwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "EmptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "What type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "Ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "dataSourceRef": { + "description": "Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "A label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "storageClassName": { + "description": "Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "VolumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "Driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional: Extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "Unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "GitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "Target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "Repository URL", + "type": "string" + }, + "revision": { + "description": "Commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "EndpointsName is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "Path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "Type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "Target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iSCSI Interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "targetPortal": { + "description": "iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "Volume's name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "NFS represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "Path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "Server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "PortworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "FSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "VolumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "Items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "information about the configMap data to project", + "properties": { + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "The key to project.", + "type": "string" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "downwardAPI": { + "description": "information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "information about the secret data to project", + "properties": { + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "The key to project.", + "type": "string" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object" + }, + "serviceAccountToken": { + "description": "information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "Path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "Quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "Group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "Registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "Tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "User to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "Volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "The rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "user": { + "description": "The rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "The host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "The name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "SecretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "sslEnabled": { + "description": "Flag to enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "The ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "The name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "The name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "The key to project.", + "type": "string" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "Specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "Name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "SecretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object" + }, + "volumeName": { + "description": "VolumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "VolumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "Storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "Path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workDir": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "template" + ], + "type": "object" + }, + "status": { + "properties": { + "availableReplicas": { + "description": "AvailableReplicas is the total number of available runners which have been successfully registered to GitHub and still running. This corresponds to the sum of status.availableReplicas of all the runner replica sets.", + "type": "integer" + }, + "desiredReplicas": { + "description": "DesiredReplicas is the total number of desired, non-terminated and latest pods to be set for the primary RunnerSet This doesn't include outdated pods while upgrading the deployment and replacing the runnerset.", + "type": "integer" + }, + "readyReplicas": { + "description": "ReadyReplicas is the total number of available runners which have been successfully registered to GitHub and still running. This corresponds to the sum of status.readyReplicas of all the runner replica sets.", + "type": "integer" + }, + "replicas": { + "description": "Replicas is the total number of replicas", + "type": "integer" + }, + "updatedReplicas": { + "description": "ReadyReplicas is the total number of available runners which have been successfully registered to GitHub and still running. This corresponds to status.replicas of the runner replica set that has the desired template hash.", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "RunnerDeployment", + "listKind": "RunnerDeploymentList", + "plural": "runnerdeployments", + "shortNames": [ + "rdeploy" + ], + "singular": "runnerdeployment" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-22T22:30:36Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-22T22:30:37Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1alpha1" + ] + } + }, + "group": "actions.summerwind.dev", + "plural": "runnerdeployments", + "version": "v1alpha1" + }, + "learnrun_time": 172.63051390647888, + "namespace": "actions-runner-system", + "preload_images": [ + "quay.io/brancz/kube-rbac-proxy:v0.10.0", + "quay.io/jetstack/cert-manager-controller:v1.8.2", + "quay.io/jetstack/cert-manager-cainjector:v1.8.2", + "docker.io/summerwind/actions-runner-controller:v0.22.0", + "quay.io/jetstack/cert-manager-webhook:v1.8.2" + ], + "static_analysis_time": 8.106231689453125e-06 +} \ No newline at end of file From 400d1ead50a895334b069368d6d432c4c705ac8c Mon Sep 17 00:00:00 2001 From: Leslie H <142967379+SleepyLeslie@users.noreply.github.com> Date: Sun, 10 Mar 2024 20:17:15 +0000 Subject: [PATCH 29/38] Add porting config for cloudnative-pg (#348) --- .../cnpg-1.22.1.yaml | 14423 ++++++++++++++++ .../context.json | 4659 +++++ .../postgresql-config.json | 15 + .../postgresql-cr.yaml | 8 + 4 files changed, 19105 insertions(+) create mode 100644 data/cloudnative-pg_cloudnative_pg/cnpg-1.22.1.yaml create mode 100644 data/cloudnative-pg_cloudnative_pg/context.json create mode 100644 data/cloudnative-pg_cloudnative_pg/postgresql-config.json create mode 100644 data/cloudnative-pg_cloudnative_pg/postgresql-cr.yaml diff --git a/data/cloudnative-pg_cloudnative_pg/cnpg-1.22.1.yaml b/data/cloudnative-pg_cloudnative_pg/cnpg-1.22.1.yaml new file mode 100644 index 0000000000..f29038a3da --- /dev/null +++ b/data/cloudnative-pg_cloudnative_pg/cnpg-1.22.1.yaml @@ -0,0 +1,14423 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/name: cloudnative-pg + name: cnpg-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: backups.postgresql.cnpg.io +spec: + group: postgresql.cnpg.io + names: + kind: Backup + listKind: BackupList + plural: backups + singular: backup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.cluster.name + name: Cluster + type: string + - jsonPath: .spec.method + name: Method + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.error + name: Error + type: string + name: v1 + schema: + openAPIV3Schema: + description: Backup is the Schema for the backups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the backup. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + cluster: + description: The cluster to backup + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + method: + default: barmanObjectStore + description: 'The backup method to be used, possible options are `barmanObjectStore` + and `volumeSnapshot`. Defaults to: `barmanObjectStore`.' + enum: + - barmanObjectStore + - volumeSnapshot + type: string + online: + description: Whether the default type of backup with volume snapshots + is online/hot (`true`, default) or offline/cold (`false`) Overrides + the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online' + type: boolean + onlineConfiguration: + description: Configuration parameters to control the online/hot backup + with volume snapshots Overrides the default settings specified in + the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza + properties: + immediateCheckpoint: + description: Control whether the I/O workload for the backup initial + checkpoint will be limited, according to the `checkpoint_completion_target` + setting on the PostgreSQL server. If set to true, an immediate + checkpoint will be used, meaning PostgreSQL will complete the + checkpoint as soon as possible. `false` by default. + type: boolean + waitForArchive: + default: true + description: If false, the function will return immediately after + the backup is completed, without waiting for WAL to be archived. + This behavior is only useful with backup software that independently + monitors WAL archiving. Otherwise, WAL required to make the + backup consistent might be missing and make the backup useless. + By default, or when this parameter is true, pg_backup_stop will + wait for WAL to be archived when archiving is enabled. On a + standby, this means that it will wait only when archive_mode + = always. If write activity on the primary is low, it may be + useful to run pg_switch_wal on the primary in order to trigger + an immediate segment switch. + type: boolean + type: object + target: + description: The policy to decide which instance should perform this + backup. If empty, it defaults to `cluster.spec.backup.target`. Available + options are empty string, `primary` and `prefer-standby`. `primary` + to have backups run always on primary instances, `prefer-standby` + to have backups run preferably on the most updated standby, if available. + enum: + - primary + - prefer-standby + type: string + required: + - cluster + type: object + status: + description: 'Most recently observed status of the backup. This data may + not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + azureCredentials: + description: The credentials to use to upload data to Azure Blob Storage + properties: + connectionString: + description: The connection string to be used + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + inheritFromAzureAD: + description: Use the Azure AD based authentication without providing + explicitly the keys. + type: boolean + storageAccount: + description: The storage account where to upload data + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + storageKey: + description: The storage account key to be used in conjunction + with the storage account name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + storageSasToken: + description: A shared-access-signature to be used in conjunction + with the storage account name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: object + backupId: + description: The ID of the Barman backup + type: string + backupLabelFile: + description: Backup label file content as returned by Postgres in + case of online (hot) backups + format: byte + type: string + backupName: + description: The Name of the Barman backup + type: string + beginLSN: + description: The starting xlog + type: string + beginWal: + description: The starting WAL + type: string + commandError: + description: The backup command output in case of error + type: string + commandOutput: + description: Unused. Retained for compatibility with old versions. + type: string + destinationPath: + description: The path where to store the backup (i.e. s3://bucket/path/to/folder) + this path, with different destination folders, will be used for + WALs and for data. This may not be populated in case of errors. + type: string + encryption: + description: Encryption method required to S3 API + type: string + endLSN: + description: The ending xlog + type: string + endWal: + description: The ending WAL + type: string + endpointCA: + description: EndpointCA store the CA bundle of the barman endpoint. + Useful when using self-signed certificates to avoid errors with + certificate issuer and barman-cloud-wal-archive. + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + endpointURL: + description: Endpoint to be used to upload data to the cloud, overriding + the automatic endpoint discovery + type: string + error: + description: The detected error + type: string + googleCredentials: + description: The credentials to use to upload data to Google Cloud + Storage + properties: + applicationCredentials: + description: The secret containing the Google Cloud Storage JSON + file with the credentials + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + gkeEnvironment: + description: If set to true, will presume that it's running inside + a GKE environment, default to false. + type: boolean + type: object + instanceID: + description: Information to identify the instance where the backup + has been taken from + properties: + ContainerID: + description: The container ID + type: string + podName: + description: The pod name + type: string + type: object + method: + description: The backup method being used + type: string + online: + description: Whether the backup was online/hot (`true`) or offline/cold + (`false`) + type: boolean + phase: + description: The last backup status + type: string + s3Credentials: + description: The credentials to use to upload data to S3 + properties: + accessKeyId: + description: The reference to the access key id + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + inheritFromIAMRole: + description: Use the role based authentication without providing + explicitly the keys. + type: boolean + region: + description: The reference to the secret containing the region + name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + secretAccessKey: + description: The reference to the secret access key + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + sessionToken: + description: The references to the session key + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: object + serverName: + description: The server name on S3, the cluster name is used if this + parameter is omitted + type: string + snapshotBackupStatus: + description: Status of the volumeSnapshot backup + properties: + elements: + description: The elements list, populated with the gathered volume + snapshots + items: + description: BackupSnapshotElementStatus is a volume snapshot + that is part of a volume snapshot method backup + properties: + name: + description: Name is the snapshot resource name + type: string + tablespaceName: + description: TablespaceName is the name of the snapshotted + tablespace. Only set when type is PG_TABLESPACE + type: string + type: + description: Type is tho role of the snapshot in the cluster, + such as PG_DATA, PG_WAL and PG_TABLESPACE + type: string + required: + - name + - type + type: object + type: array + type: object + startedAt: + description: When the backup was started + format: date-time + type: string + stoppedAt: + description: When the backup was terminated + format: date-time + type: string + tablespaceMapFile: + description: Tablespace map file content as returned by Postgres in + case of online (hot) backups + format: byte + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: clusters.postgresql.cnpg.io +spec: + group: postgresql.cnpg.io + names: + kind: Cluster + listKind: ClusterList + plural: clusters + singular: cluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Number of instances + jsonPath: .status.instances + name: Instances + type: integer + - description: Number of ready instances + jsonPath: .status.readyInstances + name: Ready + type: integer + - description: Cluster current status + jsonPath: .status.phase + name: Status + type: string + - description: Primary pod + jsonPath: .status.currentPrimary + name: Primary + type: string + name: v1 + schema: + openAPIV3Schema: + description: Cluster is the Schema for the PostgreSQL API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the cluster. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + affinity: + description: Affinity/Anti-affinity rules for Pods + properties: + additionalPodAffinity: + description: AdditionalPodAffinity allows to specify pod affinity + terms to be passed to all the cluster's pods. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + additionalPodAntiAffinity: + description: AdditionalPodAntiAffinity allows to specify pod anti-affinity + terms to be added to the ones generated by the operator if EnablePodAntiAffinity + is set to true (default) or to be used exclusively if set to + false. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + enablePodAntiAffinity: + description: Activates anti-affinity for the pods. The operator + will define pods anti-affinity unless this field is explicitly + set to false + type: boolean + nodeAffinity: + description: 'NodeAffinity describes node affinity scheduling + rules for the pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity' + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is map of key-value pairs used to define + the nodes on which the pods can run. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + podAntiAffinityType: + description: 'PodAntiAffinityType allows the user to decide whether + pod anti-affinity between cluster instance has to be considered + a strong requirement during scheduling or not. Allowed values + are: "preferred" (default if empty) or "required". Setting it + to "required", could lead to instances remaining pending until + new kubernetes nodes are added if all the existing nodes don''t + match the required pod anti-affinity rule. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity' + type: string + tolerations: + description: 'Tolerations is a list of Tolerations that should + be set for all the pods, in order to allow them to run on tainted + nodes. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/' + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologyKey: + description: TopologyKey to use for anti-affinity configuration. + See k8s documentation for more info on that + type: string + type: object + backup: + description: The configuration to be used for backups + properties: + barmanObjectStore: + description: The configuration for the barman-cloud tool suite + properties: + azureCredentials: + description: The credentials to use to upload data to Azure + Blob Storage + properties: + connectionString: + description: The connection string to be used + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + inheritFromAzureAD: + description: Use the Azure AD based authentication without + providing explicitly the keys. + type: boolean + storageAccount: + description: The storage account where to upload data + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + storageKey: + description: The storage account key to be used in conjunction + with the storage account name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + storageSasToken: + description: A shared-access-signature to be used in conjunction + with the storage account name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: object + data: + description: The configuration to be used to backup the data + files When not defined, base backups files will be stored + uncompressed and may be unencrypted in the object store, + according to the bucket default policy. + properties: + compression: + description: Compress a backup file (a tar file per tablespace) + while streaming it to the object store. Available options + are empty string (no compression, default), `gzip`, + `bzip2` or `snappy`. + enum: + - gzip + - bzip2 + - snappy + type: string + encryption: + description: Whenever to force the encryption of files + (if the bucket is not already configured for that). + Allowed options are empty string (use the bucket policy, + default), `AES256` and `aws:kms` + enum: + - AES256 + - aws:kms + type: string + immediateCheckpoint: + description: Control whether the I/O workload for the + backup initial checkpoint will be limited, according + to the `checkpoint_completion_target` setting on the + PostgreSQL server. If set to true, an immediate checkpoint + will be used, meaning PostgreSQL will complete the checkpoint + as soon as possible. `false` by default. + type: boolean + jobs: + description: The number of parallel jobs to be used to + upload the backup, defaults to 2 + format: int32 + minimum: 1 + type: integer + type: object + destinationPath: + description: The path where to store the backup (i.e. s3://bucket/path/to/folder) + this path, with different destination folders, will be used + for WALs and for data + minLength: 1 + type: string + endpointCA: + description: EndpointCA store the CA bundle of the barman + endpoint. Useful when using self-signed certificates to + avoid errors with certificate issuer and barman-cloud-wal-archive + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + endpointURL: + description: Endpoint to be used to upload data to the cloud, + overriding the automatic endpoint discovery + type: string + googleCredentials: + description: The credentials to use to upload data to Google + Cloud Storage + properties: + applicationCredentials: + description: The secret containing the Google Cloud Storage + JSON file with the credentials + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + gkeEnvironment: + description: If set to true, will presume that it's running + inside a GKE environment, default to false. + type: boolean + type: object + historyTags: + additionalProperties: + type: string + description: HistoryTags is a list of key value pairs that + will be passed to the Barman --history-tags option. + type: object + s3Credentials: + description: The credentials to use to upload data to S3 + properties: + accessKeyId: + description: The reference to the access key id + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + inheritFromIAMRole: + description: Use the role based authentication without + providing explicitly the keys. + type: boolean + region: + description: The reference to the secret containing the + region name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + secretAccessKey: + description: The reference to the secret access key + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + sessionToken: + description: The references to the session key + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: object + serverName: + description: The server name on S3, the cluster name is used + if this parameter is omitted + type: string + tags: + additionalProperties: + type: string + description: Tags is a list of key value pairs that will be + passed to the Barman --tags option. + type: object + wal: + description: The configuration for the backup of the WAL stream. + When not defined, WAL files will be stored uncompressed + and may be unencrypted in the object store, according to + the bucket default policy. + properties: + compression: + description: Compress a WAL file before sending it to + the object store. Available options are empty string + (no compression, default), `gzip`, `bzip2` or `snappy`. + enum: + - gzip + - bzip2 + - snappy + type: string + encryption: + description: Whenever to force the encryption of files + (if the bucket is not already configured for that). + Allowed options are empty string (use the bucket policy, + default), `AES256` and `aws:kms` + enum: + - AES256 + - aws:kms + type: string + maxParallel: + description: Number of WAL files to be either archived + in parallel (when the PostgreSQL instance is archiving + to a backup object store) or restored in parallel (when + a PostgreSQL standby is fetching WAL files from a recovery + object store). If not specified, WAL files will be processed + one at a time. It accepts a positive integer as a value + - with 1 being the minimum accepted value. + minimum: 1 + type: integer + type: object + required: + - destinationPath + type: object + retentionPolicy: + description: RetentionPolicy is the retention policy to be used + for backups and WALs (i.e. '60d'). The retention policy is expressed + in the form of `XXu` where `XX` is a positive integer and `u` + is in `[dwm]` - days, weeks, months. It's currently only applicable + when using the BarmanObjectStore method. + pattern: ^[1-9][0-9]*[dwm]$ + type: string + target: + default: prefer-standby + description: The policy to decide which instance should perform + backups. Available options are empty string, which will default + to `prefer-standby` policy, `primary` to have backups run always + on primary instances, `prefer-standby` to have backups run preferably + on the most updated standby, if available. + enum: + - primary + - prefer-standby + type: string + volumeSnapshot: + description: VolumeSnapshot provides the configuration for the + execution of volume snapshot backups. + properties: + annotations: + additionalProperties: + type: string + description: Annotations key-value pairs that will be added + to .metadata.annotations snapshot resources. + type: object + className: + description: ClassName specifies the Snapshot Class to be + used for PG_DATA PersistentVolumeClaim. It is the default + class for the other types if no specific class is present + type: string + labels: + additionalProperties: + type: string + description: Labels are key-value pairs that will be added + to .metadata.labels snapshot resources. + type: object + online: + default: true + description: Whether the default type of backup with volume + snapshots is online/hot (`true`, default) or offline/cold + (`false`) + type: boolean + onlineConfiguration: + default: + immediateCheckpoint: false + waitForArchive: true + description: Configuration parameters to control the online/hot + backup with volume snapshots + properties: + immediateCheckpoint: + description: Control whether the I/O workload for the + backup initial checkpoint will be limited, according + to the `checkpoint_completion_target` setting on the + PostgreSQL server. If set to true, an immediate checkpoint + will be used, meaning PostgreSQL will complete the checkpoint + as soon as possible. `false` by default. + type: boolean + waitForArchive: + default: true + description: If false, the function will return immediately + after the backup is completed, without waiting for WAL + to be archived. This behavior is only useful with backup + software that independently monitors WAL archiving. + Otherwise, WAL required to make the backup consistent + might be missing and make the backup useless. By default, + or when this parameter is true, pg_backup_stop will + wait for WAL to be archived when archiving is enabled. + On a standby, this means that it will wait only when + archive_mode = always. If write activity on the primary + is low, it may be useful to run pg_switch_wal on the + primary in order to trigger an immediate segment switch. + type: boolean + type: object + snapshotOwnerReference: + default: none + description: SnapshotOwnerReference indicates the type of + owner reference the snapshot should have + enum: + - none + - cluster + - backup + type: string + tablespaceClassName: + additionalProperties: + type: string + description: TablespaceClassName specifies the Snapshot Class + to be used for the tablespaces. defaults to the PGDATA Snapshot + Class, if set + type: object + walClassName: + description: WalClassName specifies the Snapshot Class to + be used for the PG_WAL PersistentVolumeClaim. + type: string + type: object + type: object + bootstrap: + description: Instructions to bootstrap this cluster + properties: + initdb: + description: Bootstrap the cluster via initdb + properties: + dataChecksums: + description: 'Whether the `-k` option should be passed to + initdb, enabling checksums on data pages (default: `false`)' + type: boolean + database: + description: 'Name of the database used by the application. + Default: `app`.' + type: string + encoding: + description: The value to be passed as option `--encoding` + for initdb (default:`UTF8`) + type: string + import: + description: Bootstraps the new cluster by importing data + from an existing PostgreSQL instance using logical backup + (`pg_dump` and `pg_restore`) + properties: + databases: + description: The databases to import + items: + type: string + type: array + postImportApplicationSQL: + description: List of SQL queries to be executed as a superuser + in the application database right after is imported + - to be used with extreme care (by default empty). Only + available in microservice type. + items: + type: string + type: array + roles: + description: The roles to import + items: + type: string + type: array + schemaOnly: + description: 'When set to true, only the `pre-data` and + `post-data` sections of `pg_restore` are invoked, avoiding + data import. Default: `false`.' + type: boolean + source: + description: The source of the import + properties: + externalCluster: + description: The name of the externalCluster used + for import + type: string + required: + - externalCluster + type: object + type: + description: The import type. Can be `microservice` or + `monolith`. + enum: + - microservice + - monolith + type: string + required: + - databases + - source + - type + type: object + localeCType: + description: The value to be passed as option `--lc-ctype` + for initdb (default:`C`) + type: string + localeCollate: + description: The value to be passed as option `--lc-collate` + for initdb (default:`C`) + type: string + options: + description: 'The list of options that must be passed to initdb + when creating the cluster. Deprecated: This could lead to + inconsistent configurations, please use the explicit provided + parameters instead. If defined, explicit values will be + ignored.' + items: + type: string + type: array + owner: + description: Name of the owner of the database in the instance + to be used by applications. Defaults to the value of the + `database` key. + type: string + postInitApplicationSQL: + description: List of SQL queries to be executed as a superuser + in the application database right after is created - to + be used with extreme care (by default empty) + items: + type: string + type: array + postInitApplicationSQLRefs: + description: PostInitApplicationSQLRefs points references + to ConfigMaps or Secrets which contain SQL files, the general + implementation order to these references is from all Secrets + to all ConfigMaps, and inside Secrets or ConfigMaps, the + implementation order is same as the order of each array + (by default empty) + properties: + configMapRefs: + description: ConfigMapRefs holds a list of references + to ConfigMaps + items: + description: ConfigMapKeySelector contains enough information + to let you locate the key of a ConfigMap + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: array + secretRefs: + description: SecretRefs holds a list of references to + Secrets + items: + description: SecretKeySelector contains enough information + to let you locate the key of a Secret + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: array + type: object + postInitSQL: + description: List of SQL queries to be executed as a superuser + immediately after the cluster has been created - to be used + with extreme care (by default empty) + items: + type: string + type: array + postInitTemplateSQL: + description: List of SQL queries to be executed as a superuser + in the `template1` after the cluster has been created - + to be used with extreme care (by default empty) + items: + type: string + type: array + secret: + description: Name of the secret containing the initial credentials + for the owner of the user database. If empty a new secret + will be created from scratch + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + walSegmentSize: + description: 'The value in megabytes (1 to 1024) to be passed + to the `--wal-segsize` option for initdb (default: empty, + resulting in PostgreSQL default: 16MB)' + maximum: 1024 + minimum: 1 + type: integer + type: object + pg_basebackup: + description: Bootstrap the cluster taking a physical backup of + another compatible PostgreSQL instance + properties: + database: + description: 'Name of the database used by the application. + Default: `app`.' + type: string + owner: + description: Name of the owner of the database in the instance + to be used by applications. Defaults to the value of the + `database` key. + type: string + secret: + description: Name of the secret containing the initial credentials + for the owner of the user database. If empty a new secret + will be created from scratch + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + source: + description: The name of the server of which we need to take + a physical backup + minLength: 1 + type: string + required: + - source + type: object + recovery: + description: Bootstrap the cluster from a backup + properties: + backup: + description: The backup object containing the physical base + backup from which to initiate the recovery procedure. Mutually + exclusive with `source` and `volumeSnapshots`. + properties: + endpointCA: + description: EndpointCA store the CA bundle of the barman + endpoint. Useful when using self-signed certificates + to avoid errors with certificate issuer and barman-cloud-wal-archive. + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + name: + description: Name of the referent. + type: string + required: + - name + type: object + database: + description: 'Name of the database used by the application. + Default: `app`.' + type: string + owner: + description: Name of the owner of the database in the instance + to be used by applications. Defaults to the value of the + `database` key. + type: string + recoveryTarget: + description: 'By default, the recovery process applies all + the available WAL files in the archive (full recovery). + However, you can also end the recovery as soon as a consistent + state is reached or recover to a point-in-time (PITR) by + specifying a `RecoveryTarget` object, as expected by PostgreSQL + (i.e., timestamp, transaction Id, LSN, ...). More info: + https://www.postgresql.org/docs/current/runtime-config-wal.html#RUNTIME-CONFIG-WAL-RECOVERY-TARGET' + properties: + backupID: + description: The ID of the backup from which to start + the recovery process. If empty (default) the operator + will automatically detect the backup based on targetTime + or targetLSN if specified. Otherwise use the latest + available backup in chronological order. + type: string + exclusive: + description: Set the target to be exclusive. If omitted, + defaults to false, so that in Postgres, `recovery_target_inclusive` + will be true + type: boolean + targetImmediate: + description: End recovery as soon as a consistent state + is reached + type: boolean + targetLSN: + description: The target LSN (Log Sequence Number) + type: string + targetName: + description: The target name (to be previously created + with `pg_create_restore_point`) + type: string + targetTLI: + description: The target timeline ("latest" or a positive + integer) + type: string + targetTime: + description: The target time as a timestamp in the RFC3339 + standard + type: string + targetXID: + description: The target transaction ID + type: string + type: object + secret: + description: Name of the secret containing the initial credentials + for the owner of the user database. If empty a new secret + will be created from scratch + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + source: + description: The external cluster whose backup we will restore. + This is also used as the name of the folder under which + the backup is stored, so it must be set to the name of the + source cluster Mutually exclusive with `backup`. + type: string + volumeSnapshots: + description: The static PVC data source(s) from which to initiate + the recovery procedure. Currently supporting `VolumeSnapshot` + and `PersistentVolumeClaim` resources that map an existing + PVC group, compatible with CloudNativePG, and taken with + a cold backup copy on a fenced Postgres instance (limitation + which will be removed in the future when online backup will + be implemented). Mutually exclusive with `backup`. + properties: + storage: + description: Configuration of the storage of the instances + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + tablespaceStorage: + additionalProperties: + description: TypedLocalObjectReference contains enough + information to let you locate the typed referenced + object inside the same namespace. + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + description: Configuration of the storage for PostgreSQL + tablespaces + type: object + walStorage: + description: Configuration of the storage for PostgreSQL + WAL (Write-Ahead Log) + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - storage + type: object + type: object + type: object + certificates: + description: The configuration for the CA and related certificates + properties: + clientCASecret: + description: 'The secret containing the Client CA certificate. + If not defined, a new secret will be created with a self-signed + CA and will be used to generate all the client certificates.

Contains:

- `ca.crt`: CA that should + be used to validate the client certificates, used as `ssl_ca_file` + of all the instances.
- `ca.key`: key used to generate + client certificates, if ReplicationTLSSecret is provided, this + can be omitted.
' + type: string + replicationTLSSecret: + description: The secret of type kubernetes.io/tls containing the + client certificate to authenticate as the `streaming_replica` + user. If not defined, ClientCASecret must provide also `ca.key`, + and a new secret will be created using the provided CA. + type: string + serverAltDNSNames: + description: The list of the server alternative DNS names to be + added to the generated server TLS certificates, when required. + items: + type: string + type: array + serverCASecret: + description: 'The secret containing the Server CA certificate. + If not defined, a new secret will be created with a self-signed + CA and will be used to generate the TLS certificate ServerTLSSecret.

Contains:

- `ca.crt`: CA that should + be used to validate the server certificate, used as `sslrootcert` + in client connection strings.
- `ca.key`: key used to + generate Server SSL certs, if ServerTLSSecret is provided, this + can be omitted.
' + type: string + serverTLSSecret: + description: The secret of type kubernetes.io/tls containing the + server TLS certificate and key that will be set as `ssl_cert_file` + and `ssl_key_file` so that clients can connect to postgres securely. + If not defined, ServerCASecret must provide also `ca.key` and + a new secret will be created using the provided CA. + type: string + type: object + description: + description: Description of this PostgreSQL cluster + type: string + enableSuperuserAccess: + default: false + description: When this option is enabled, the operator will use the + `SuperuserSecret` to update the `postgres` user password (if the + secret is not present, the operator will automatically create one). + When this option is disabled, the operator will ignore the `SuperuserSecret` + content, delete it when automatically created, and then blank the + password of the `postgres` user by setting it to `NULL`. Disabled + by default. + type: boolean + env: + description: Env follows the Env format to pass environment variables + to the pods created in the cluster + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom follows the EnvFrom format to pass environment + variables sources to the pods to be used by Env + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + ephemeralVolumeSource: + description: EphemeralVolumeSource allows the user to configure the + source of ephemeral volumes. + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to provision + the volume. The pod in which this EphemeralVolumeSource is embedded + will be the owner of the PVC, i.e. the PVC will be deleted together + with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n An existing + PVC with that name that is not owned by the pod will *not* be + used for the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated PVC is + removed. If such a pre-created PVC is meant to be used by the + pod, the PVC has to updated with an owner reference to the pod + once the pod exists. Normally this should not be necessary, + but it may be useful when manually reconstructing a broken cluster. + \n This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must not + be nil." + properties: + metadata: + description: May contain labels and annotations that will + be copied into the PVC when creating it. No other fields + are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC that + gets created from this template. The same fields as in a + PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified + data source, it will create a new volume based on the + contents of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef contents + will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, then + dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic provisioner. + This field will replace the functionality of the dataSource + field and as such if both fields are non-empty, they + must have the same value. For backwards compatibility, + when namespace isn''t specified in dataSourceRef, both + fields (dataSource and dataSourceRef) will be set to + the same value automatically if one of them is empty + and the other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the same + value and must be empty. There are three important differences + between dataSource and dataSourceRef: * While dataSource + only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is specified. + * While dataSource only allows local objects, dataSourceRef + allows objects in any namespaces. (Beta) Using this + field requires the AnyVolumeDataSource feature gate + to be enabled. (Alpha) Using the namespace field of + dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object + is required in the referent namespace to allow that + namespace's owner to accept the reference. See the + ReferenceGrant documentation for details. (Alpha) + This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but + must still be higher than capacity recorded in the status + field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used by + this container. \n This is an alpha field and requires + enabling the DynamicResourceAllocation feature gate. + \n This field is immutable. It can only be set for + containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the Pod + where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is + required by the claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + ephemeralVolumesSizeLimit: + description: EphemeralVolumesSizeLimit allows the user to set the + limits for the ephemeral volumes + properties: + shm: + anyOf: + - type: integer + - type: string + description: Shm is the size limit of the shared memory volume + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + temporaryData: + anyOf: + - type: integer + - type: string + description: TemporaryData is the size limit of the temporary + data volume + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + externalClusters: + description: The list of external clusters which are used in the configuration + items: + description: ExternalCluster represents the connection parameters + to an external cluster which is used in the other sections of + the configuration + properties: + barmanObjectStore: + description: The configuration for the barman-cloud tool suite + properties: + azureCredentials: + description: The credentials to use to upload data to Azure + Blob Storage + properties: + connectionString: + description: The connection string to be used + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + inheritFromAzureAD: + description: Use the Azure AD based authentication without + providing explicitly the keys. + type: boolean + storageAccount: + description: The storage account where to upload data + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + storageKey: + description: The storage account key to be used in conjunction + with the storage account name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + storageSasToken: + description: A shared-access-signature to be used in + conjunction with the storage account name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: object + data: + description: The configuration to be used to backup the + data files When not defined, base backups files will be + stored uncompressed and may be unencrypted in the object + store, according to the bucket default policy. + properties: + compression: + description: Compress a backup file (a tar file per + tablespace) while streaming it to the object store. + Available options are empty string (no compression, + default), `gzip`, `bzip2` or `snappy`. + enum: + - gzip + - bzip2 + - snappy + type: string + encryption: + description: Whenever to force the encryption of files + (if the bucket is not already configured for that). + Allowed options are empty string (use the bucket policy, + default), `AES256` and `aws:kms` + enum: + - AES256 + - aws:kms + type: string + immediateCheckpoint: + description: Control whether the I/O workload for the + backup initial checkpoint will be limited, according + to the `checkpoint_completion_target` setting on the + PostgreSQL server. If set to true, an immediate checkpoint + will be used, meaning PostgreSQL will complete the + checkpoint as soon as possible. `false` by default. + type: boolean + jobs: + description: The number of parallel jobs to be used + to upload the backup, defaults to 2 + format: int32 + minimum: 1 + type: integer + type: object + destinationPath: + description: The path where to store the backup (i.e. s3://bucket/path/to/folder) + this path, with different destination folders, will be + used for WALs and for data + minLength: 1 + type: string + endpointCA: + description: EndpointCA store the CA bundle of the barman + endpoint. Useful when using self-signed certificates to + avoid errors with certificate issuer and barman-cloud-wal-archive + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + endpointURL: + description: Endpoint to be used to upload data to the cloud, + overriding the automatic endpoint discovery + type: string + googleCredentials: + description: The credentials to use to upload data to Google + Cloud Storage + properties: + applicationCredentials: + description: The secret containing the Google Cloud + Storage JSON file with the credentials + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + gkeEnvironment: + description: If set to true, will presume that it's + running inside a GKE environment, default to false. + type: boolean + type: object + historyTags: + additionalProperties: + type: string + description: HistoryTags is a list of key value pairs that + will be passed to the Barman --history-tags option. + type: object + s3Credentials: + description: The credentials to use to upload data to S3 + properties: + accessKeyId: + description: The reference to the access key id + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + inheritFromIAMRole: + description: Use the role based authentication without + providing explicitly the keys. + type: boolean + region: + description: The reference to the secret containing + the region name + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + secretAccessKey: + description: The reference to the secret access key + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + sessionToken: + description: The references to the session key + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: object + serverName: + description: The server name on S3, the cluster name is + used if this parameter is omitted + type: string + tags: + additionalProperties: + type: string + description: Tags is a list of key value pairs that will + be passed to the Barman --tags option. + type: object + wal: + description: The configuration for the backup of the WAL + stream. When not defined, WAL files will be stored uncompressed + and may be unencrypted in the object store, according + to the bucket default policy. + properties: + compression: + description: Compress a WAL file before sending it to + the object store. Available options are empty string + (no compression, default), `gzip`, `bzip2` or `snappy`. + enum: + - gzip + - bzip2 + - snappy + type: string + encryption: + description: Whenever to force the encryption of files + (if the bucket is not already configured for that). + Allowed options are empty string (use the bucket policy, + default), `AES256` and `aws:kms` + enum: + - AES256 + - aws:kms + type: string + maxParallel: + description: Number of WAL files to be either archived + in parallel (when the PostgreSQL instance is archiving + to a backup object store) or restored in parallel + (when a PostgreSQL standby is fetching WAL files from + a recovery object store). If not specified, WAL files + will be processed one at a time. It accepts a positive + integer as a value - with 1 being the minimum accepted + value. + minimum: 1 + type: integer + type: object + required: + - destinationPath + type: object + connectionParameters: + additionalProperties: + type: string + description: The list of connection parameters, such as dbname, + host, username, etc + type: object + name: + description: The server name, required + type: string + password: + description: The reference to the password to be used to connect + to the server. If a password is provided, CloudNativePG creates + a PostgreSQL passfile at `/controller/external/NAME/pass` + (where "NAME" is the cluster's name). This passfile is automatically + referenced in the connection string when establishing a connection + to the remote PostgreSQL server from the current PostgreSQL + `Cluster`. This ensures secure and efficient password management + for external clusters. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sslCert: + description: The reference to an SSL certificate to be used + to connect to this instance + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sslKey: + description: The reference to an SSL private key to be used + to connect to this instance + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sslRootCert: + description: The reference to an SSL CA public key to be used + to connect to this instance + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + type: array + failoverDelay: + default: 0 + description: The amount of time (in seconds) to wait before triggering + a failover after the primary PostgreSQL instance in the cluster + was detected to be unhealthy + format: int32 + type: integer + imageName: + description: Name of the container image, supporting both tags (`:`) + and digests for deterministic and repeatable deployments (`:@sha256:`) + type: string + imagePullPolicy: + description: 'Image pull policy. One of `Always`, `Never` or `IfNotPresent`. + If not defined, it defaults to `IfNotPresent`. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + imagePullSecrets: + description: The list of pull secrets to be used to pull the images + items: + description: LocalObjectReference contains enough information to + let you locate a local object with a known type inside the same + namespace + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + type: array + inheritedMetadata: + description: Metadata that will be inherited by all objects related + to the Cluster + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + instances: + default: 1 + description: Number of instances required in the cluster + minimum: 1 + type: integer + logLevel: + default: info + description: 'The instances'' log level, one of the following values: + error, warning, info (default), debug, trace' + enum: + - error + - warning + - info + - debug + - trace + type: string + managed: + description: The configuration that is used by the portions of PostgreSQL + that are managed by the instance manager + properties: + roles: + description: Database roles managed by the `Cluster` + items: + description: "RoleConfiguration is the representation, in Kubernetes, + of a PostgreSQL role with the additional field Ensure specifying + whether to ensure the presence or absence of the role in the + database \n The defaults of the CREATE ROLE command are applied + Reference: https://www.postgresql.org/docs/current/sql-createrole.html" + properties: + bypassrls: + description: Whether a role bypasses every row-level security + (RLS) policy. Default is `false`. + type: boolean + comment: + description: Description of the role + type: string + connectionLimit: + default: -1 + description: If the role can log in, this specifies how + many concurrent connections the role can make. `-1` (the + default) means no limit. + format: int64 + type: integer + createdb: + description: When set to `true`, the role being defined + will be allowed to create new databases. Specifying `false` + (default) will deny a role the ability to create databases. + type: boolean + createrole: + description: Whether the role will be permitted to create, + alter, drop, comment on, change the security label for, + and grant or revoke membership in other roles. Default + is `false`. + type: boolean + disablePassword: + description: DisablePassword indicates that a role's password + should be set to NULL in Postgres + type: boolean + ensure: + default: present + description: Ensure the role is `present` or `absent` - + defaults to "present" + enum: + - present + - absent + type: string + inRoles: + description: List of one or more existing roles to which + this role will be immediately added as a new member. Default + empty. + items: + type: string + type: array + inherit: + default: true + description: Whether a role "inherits" the privileges of + roles it is a member of. Defaults is `true`. + type: boolean + login: + description: Whether the role is allowed to log in. A role + having the `login` attribute can be thought of as a user. + Roles without this attribute are useful for managing database + privileges, but are not users in the usual sense of the + word. Default is `false`. + type: boolean + name: + description: Name of the role + type: string + passwordSecret: + description: Secret containing the password of the role + (if present) If null, the password will be ignored unless + DisablePassword is set + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + replication: + description: Whether a role is a replication role. A role + must have this attribute (or be a superuser) in order + to be able to connect to the server in replication mode + (physical or logical replication) and in order to be able + to create or drop replication slots. A role having the + `replication` attribute is a very highly privileged role, + and should only be used on roles actually used for replication. + Default is `false`. + type: boolean + superuser: + description: Whether the role is a `superuser` who can override + all access restrictions within the database - superuser + status is dangerous and should be used only when really + needed. You must yourself be a superuser to create a new + superuser. Defaults is `false`. + type: boolean + validUntil: + description: Date and time after which the role's password + is no longer valid. When omitted, the password will never + expire (default). + format: date-time + type: string + required: + - name + type: object + type: array + type: object + maxSyncReplicas: + default: 0 + description: The target value for the synchronous replication quorum, + that can be decreased if the number of ready standbys is lower than + this. Undefined or 0 disable synchronous replication. + minimum: 0 + type: integer + minSyncReplicas: + default: 0 + description: Minimum number of instances required in synchronous replication + with the primary. Undefined or 0 allow writes to complete when no + standby is available. + minimum: 0 + type: integer + monitoring: + description: The configuration of the monitoring infrastructure of + this cluster + properties: + customQueriesConfigMap: + description: The list of config maps containing the custom queries + items: + description: ConfigMapKeySelector contains enough information + to let you locate the key of a ConfigMap + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: array + customQueriesSecret: + description: The list of secrets containing the custom queries + items: + description: SecretKeySelector contains enough information to + let you locate the key of a Secret + properties: + key: + description: The key to select + type: string + name: + description: Name of the referent. + type: string + required: + - key + - name + type: object + type: array + disableDefaultQueries: + default: false + description: 'Whether the default queries should be injected. + Set it to `true` if you don''t want to inject default queries + into the cluster. Default: false.' + type: boolean + enablePodMonitor: + default: false + description: Enable or disable the `PodMonitor` + type: boolean + podMonitorMetricRelabelings: + description: The list of metric relabelings for the `PodMonitor`. + Applied to samples before ingestion. + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as well + as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + podMonitorRelabelings: + description: The list of relabelings for the `PodMonitor`. Applied + to samples before scraping. + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as well + as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + type: object + nodeMaintenanceWindow: + description: Define a maintenance window for the Kubernetes nodes + properties: + inProgress: + default: false + description: Is there a node maintenance activity in progress? + type: boolean + reusePVC: + default: true + description: Reuse the existing PVC (wait for the node to come + up again) or not (recreate it elsewhere - when `instances` >1) + type: boolean + type: object + postgresGID: + default: 26 + description: The GID of the `postgres` user inside the image, defaults + to `26` + format: int64 + type: integer + postgresUID: + default: 26 + description: The UID of the `postgres` user inside the image, defaults + to `26` + format: int64 + type: integer + postgresql: + description: Configuration of the PostgreSQL server + properties: + enableAlterSystem: + description: If this parameter is true, the user will be able + to invoke `ALTER SYSTEM` on this CloudNativePG Cluster. This + should only be used for debugging and troubleshooting. Defaults + to false. + type: boolean + ldap: + description: Options to specify LDAP configuration + properties: + bindAsAuth: + description: Bind as authentication configuration + properties: + prefix: + description: Prefix for the bind authentication option + type: string + suffix: + description: Suffix for the bind authentication option + type: string + type: object + bindSearchAuth: + description: Bind+Search authentication configuration + properties: + baseDN: + description: Root DN to begin the user search + type: string + bindDN: + description: DN of the user to bind to the directory + type: string + bindPassword: + description: Secret with the password for the user to + bind to the directory + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + searchAttribute: + description: Attribute to match against the username + type: string + searchFilter: + description: Search filter to use when doing the search+bind + authentication + type: string + type: object + port: + description: LDAP server port + type: integer + scheme: + description: LDAP schema to be used, possible options are + `ldap` and `ldaps` + enum: + - ldap + - ldaps + type: string + server: + description: LDAP hostname or IP address + type: string + tls: + description: Set to 'true' to enable LDAP over TLS. 'false' + is default + type: boolean + type: object + parameters: + additionalProperties: + type: string + description: PostgreSQL configuration options (postgresql.conf) + type: object + pg_hba: + description: PostgreSQL Host Based Authentication rules (lines + to be appended to the pg_hba.conf file) + items: + type: string + type: array + pg_ident: + description: PostgreSQL User Name Maps rules (lines to be appended + to the pg_ident.conf file) + items: + type: string + type: array + promotionTimeout: + description: Specifies the maximum number of seconds to wait when + promoting an instance to primary. Default value is 40000000, + greater than one year in seconds, big enough to simulate an + infinite timeout + format: int32 + type: integer + shared_preload_libraries: + description: Lists of shared preload libraries to add to the default + ones + items: + type: string + type: array + syncReplicaElectionConstraint: + description: Requirements to be met by sync replicas. This will + affect how the "synchronous_standby_names" parameter will be + set up. + properties: + enabled: + description: This flag enables the constraints for sync replicas + type: boolean + nodeLabelsAntiAffinity: + description: A list of node labels values to extract and compare + to evaluate if the pods reside in the same topology or not + items: + type: string + type: array + required: + - enabled + type: object + type: object + primaryUpdateMethod: + default: restart + description: 'Method to follow to upgrade the primary server during + a rolling update procedure, after all replicas have been successfully + updated: it can be with a switchover (`switchover`) or in-place + (`restart` - default)' + enum: + - switchover + - restart + type: string + primaryUpdateStrategy: + default: unsupervised + description: 'Deployment strategy to follow to upgrade the primary + server during a rolling update procedure, after all replicas have + been successfully updated: it can be automated (`unsupervised` - + default) or manual (`supervised`)' + enum: + - unsupervised + - supervised + type: string + priorityClassName: + description: Name of the priority class which will be used in every + generated Pod, if the PriorityClass specified does not exist, the + pod will not be able to schedule. Please refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass + for more information + type: string + projectedVolumeTemplate: + description: Template to be used to define projected volumes, projected + volumes will be mounted under `/projected` base folder + properties: + defaultMode: + description: defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values + for mode bits. Directories within the path are not affected + by this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result can + be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along with other + supported volume types + properties: + configMap: + description: configMap information about the configMap data + to project + properties: + items: + description: items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If a + key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set + permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must not + be absolute or contain the ''..'' path. Must + be utf-8 encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret data to + project + properties: + items: + description: items if unspecified, each key-value pair + in the Data field of the referenced Secret will be + projected into the volume as a file whose name is + the key and content is the value. If specified, the + listed keys will be projected into the specified paths, + and unlisted keys will not be present. If a key is + specified which is not present in the Secret, the + volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional field specify whether the Secret + or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information about the + serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience of the + token. A recipient of a token must identify itself + with an identifier specified in the audience of the + token, and otherwise should reject the token. The + audience defaults to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested duration + of validity of the service account token. As the token + approaches expiration, the kubelet volume plugin will + proactively rotate the service account token. The + kubelet will start trying to rotate the token if the + token is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults to + 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the mount + point of the file to project the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + replica: + description: Replica cluster configuration + properties: + enabled: + description: If replica mode is enabled, this cluster will be + a replica of an existing cluster. Replica cluster can be created + from a recovery object store or via streaming through pg_basebackup. + Refer to the Replica clusters page of the documentation for + more information. + type: boolean + source: + description: The name of the external cluster which is the replication + origin + minLength: 1 + type: string + required: + - enabled + - source + type: object + replicationSlots: + default: + highAvailability: + enabled: true + description: Replication slots management configuration + properties: + highAvailability: + default: + enabled: true + description: Replication slots for high availability configuration + properties: + enabled: + default: true + description: If enabled (default), the operator will automatically + manage replication slots on the primary instance and use + them in streaming replication connections with all the standby + instances that are part of the HA cluster. If disabled, + the operator will not take advantage of replication slots + in streaming connections with the replicas. This feature + also controls replication slots in replica cluster, from + the designated primary to its cascading replicas. + type: boolean + slotPrefix: + default: _cnpg_ + description: Prefix for replication slots managed by the operator + for HA. It may only contain lower case letters, numbers, + and the underscore character. This can only be set at creation + time. By default set to `_cnpg_`. + pattern: ^[0-9a-z_]*$ + type: string + type: object + updateInterval: + default: 30 + description: Standby will update the status of the local replication + slots every `updateInterval` seconds (default 30). + minimum: 1 + type: integer + type: object + resources: + description: Resources requirements of every generated Pod. Please + refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + for more information. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + schedulerName: + description: 'If specified, the pod will be dispatched by specified + Kubernetes scheduler. If not specified, the pod will be dispatched + by the default scheduler. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/' + type: string + seccompProfile: + description: 'The SeccompProfile applied to every Pod and Container. + Defaults to: `RuntimeDefault`' + properties: + localhostProfile: + description: localhostProfile indicates a profile defined in a + file on the node should be used. The profile must be preconfigured + on the node to work. Must be a descending path, relative to + the kubelet's configured seccomp profile location. Must be set + if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp profile will + be applied. Valid options are: \n Localhost - a profile defined + in a file on the node should be used. RuntimeDefault - the container + runtime default profile should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + serviceAccountTemplate: + description: Configure the generation of the service account + properties: + metadata: + description: Metadata are the metadata to be used for the generated + service account + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + required: + - metadata + type: object + smartShutdownTimeout: + default: 180 + description: 'The time in seconds that controls the window of time + reserved for the smart shutdown of Postgres to complete. Make sure + you reserve enough time for the operator to request a fast shutdown + of Postgres (that is: `stopDelay` - `smartShutdownTimeout`).' + format: int32 + type: integer + startDelay: + default: 3600 + description: 'The time in seconds that is allowed for a PostgreSQL + instance to successfully start up (default 3600). The startup probe + failure threshold is derived from this value using the formula: + ceiling(startDelay / 10).' + format: int32 + type: integer + stopDelay: + default: 1800 + description: The time in seconds that is allowed for a PostgreSQL + instance to gracefully shutdown (default 1800) + format: int32 + type: integer + storage: + description: Configuration of the storage of the instances + properties: + pvcTemplate: + description: Template to be used to generate the Persistent Volume + Claim + properties: + accessModes: + description: 'accessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified data + source, it will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will be copied + to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not + be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from which + to populate the volume with data, if a non-empty volume + is desired. This may be any object from a non-empty API + group (non core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed + if the type of the specified object matches some installed + volume populator or dynamic provisioner. This field will + replace the functionality of the dataSource field and as + such if both fields are non-empty, they must have the same + value. For backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource and + dataSourceRef) will be set to the same value automatically + if one of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, + dataSourceRef allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and generates + an error if a disallowed value is specified. * While dataSource + only allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires the + AnyVolumeDataSource feature gate to be enabled. (Alpha) + Using the namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource being + referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object is + required in the referent namespace to allow that namespace's + owner to accept the reference. See the ReferenceGrant + documentation for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature gate to be + enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources the + volume should have. If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher + than capacity recorded in the status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + resizeInUseVolumes: + default: true + description: Resize existent PVCs, defaults to true + type: boolean + size: + description: Size of the storage. Required if not already specified + in the PVC template. Changes to this field are automatically + reapplied to the created PVCs. Size cannot be decreased. + type: string + storageClass: + description: StorageClass to use for PVCs. Applied after evaluating + the PVC template, if available. If not specified, the generated + PVCs will use the default storage class + type: string + type: object + superuserSecret: + description: The secret containing the superuser password. If not + defined a new secret will be created with a randomly generated password + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + switchoverDelay: + default: 3600 + description: The time in seconds that is allowed for a primary PostgreSQL + instance to gracefully shutdown during a switchover. Default value + is 3600 seconds (1 hour). + format: int32 + type: integer + tablespaces: + description: The tablespaces configuration + items: + description: TablespaceConfiguration is the configuration of a tablespace, + and includes the storage specification for the tablespace + properties: + name: + description: The name of the tablespace + type: string + owner: + description: Owner is the PostgreSQL user owning the tablespace + properties: + name: + type: string + type: object + storage: + description: The storage configuration for the tablespace + properties: + pvcTemplate: + description: Template to be used to generate the Persistent + Volume Claim + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified + data source, it will create a new volume based on + the contents of the specified data source. When the + AnyVolumeDataSource feature gate is enabled, dataSource + contents will be copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, then + dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both fields + are non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource and dataSourceRef) + will be set to the same value automatically if one + of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. There + are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is specified. + * While dataSource only allows local objects, dataSourceRef + allows objects in any namespaces. (Beta) Using this + field requires the AnyVolumeDataSource feature gate + to be enabled. (Alpha) Using the namespace field of + dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace is + specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace to + allow that namespace's owner to accept the reference. + See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but + must still be higher than capacity recorded in the + status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + resizeInUseVolumes: + default: true + description: Resize existent PVCs, defaults to true + type: boolean + size: + description: Size of the storage. Required if not already + specified in the PVC template. Changes to this field are + automatically reapplied to the created PVCs. Size cannot + be decreased. + type: string + storageClass: + description: StorageClass to use for PVCs. Applied after + evaluating the PVC template, if available. If not specified, + the generated PVCs will use the default storage class + type: string + type: object + temporary: + default: false + description: When set to true, the tablespace will be added + as a `temp_tablespaces` entry in PostgreSQL, and will be available + to automatically house temp database objects, or other temporary + files. Please refer to PostgreSQL documentation for more information + on the `temp_tablespaces` GUC. + type: boolean + required: + - name + - storage + type: object + type: array + topologySpreadConstraints: + description: 'TopologySpreadConstraints specifies how to spread matching + pods among the given topology. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/' + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods + that match this label selector are counted to determine the + number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select + the pods over which spreading will be calculated. The keys + are used to lookup values from the incoming pod labels, those + key-value labels are ANDed with labelSelector to select the + group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in + both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot + be set when LabelSelector isn't set. Keys that don't exist + in the incoming pod labels will be ignored. A null or empty + list means only match against labelSelector. \n This is a + beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods may + be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods + in an eligible domain or zero if the number of eligible domains + is less than MinDomains. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 2/2/1: In this case, the global minimum is 1. | + zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew + is 1, incoming pod can only be scheduled to zone3 to become + 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming + pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies that satisfy + it. It''s a required field. Default value is 1 and 0 is not + allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of eligible + domains. When the number of eligible domains with matching + topology keys is less than minDomains, Pod Topology Spread + treats \"global minimum\" as 0, and then the calculation of + Skew is performed. And when the number of eligible domains + with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. As a result, when + the number of eligible domains is less than minDomains, scheduler + won't schedule more than maxSkew Pods to those domains. If + value is nil, the constraint behaves as if MinDomains is equal + to 1. Valid values are integers greater than 0. When value + is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For + example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains + is set to 5 and pods with the same labelSelector spread as + 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | + The number of domains is less than 5(MinDomains), so \"global + minimum\" is treated as 0. In this situation, new pod with + the same labelSelector cannot be scheduled, because computed + skew will be 3(3 - 0) if new Pod is scheduled to any of the + three zones, it will violate MaxSkew. \n This is a beta field + and requires the MinDomainsInPodTopologySpread feature gate + to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat + Pod's nodeAffinity/nodeSelector when calculating pod topology + spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. \n + If this value is nil, the behavior is equivalent to the Honor + policy. This is a beta-level feature default enabled by the + NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node + taints when calculating pod topology spread skew. Options + are: - Honor: nodes without taints, along with tainted nodes + for which the incoming pod has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + \n If this value is nil, the behavior is equivalent to the + Ignore policy. This is a beta-level feature default enabled + by the NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes that + have a label with this key and identical values are considered + to be in the same topology. We consider each + as a "bucket", and try to put balanced number of pods into + each bucket. We define a domain as a particular instance of + a topology. Also, we define an eligible domain as a domain + whose nodes meet the requirements of nodeAffinityPolicy and + nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain of + that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a + pod if it doesn''t satisfy the spread constraint. - DoNotSchedule + (default) tells the scheduler not to schedule it. - ScheduleAnyway + tells the scheduler to schedule the pod in any location, but + giving higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" for an + incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. For + example, in a 3-zone cluster, MaxSkew is set to 1, and pods + with the same labelSelector spread as 3/1/1: | zone1 | zone2 + | zone3 | | P P P | P | P | If WhenUnsatisfiable is + set to DoNotSchedule, incoming pod can only be scheduled to + zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on + zone2(zone3) satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make it *more* + imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + walStorage: + description: Configuration of the storage for PostgreSQL WAL (Write-Ahead + Log) + properties: + pvcTemplate: + description: Template to be used to generate the Persistent Volume + Claim + properties: + accessModes: + description: 'accessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified data + source, it will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will be copied + to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not + be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from which + to populate the volume with data, if a non-empty volume + is desired. This may be any object from a non-empty API + group (non core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed + if the type of the specified object matches some installed + volume populator or dynamic provisioner. This field will + replace the functionality of the dataSource field and as + such if both fields are non-empty, they must have the same + value. For backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource and + dataSourceRef) will be set to the same value automatically + if one of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, + dataSourceRef allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and generates + an error if a disallowed value is specified. * While dataSource + only allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires the + AnyVolumeDataSource feature gate to be enabled. (Alpha) + Using the namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource being + referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object is + required in the referent namespace to allow that namespace's + owner to accept the reference. See the ReferenceGrant + documentation for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature gate to be + enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources the + volume should have. If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher + than capacity recorded in the status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + resizeInUseVolumes: + default: true + description: Resize existent PVCs, defaults to true + type: boolean + size: + description: Size of the storage. Required if not already specified + in the PVC template. Changes to this field are automatically + reapplied to the created PVCs. Size cannot be decreased. + type: string + storageClass: + description: StorageClass to use for PVCs. Applied after evaluating + the PVC template, if available. If not specified, the generated + PVCs will use the default storage class + type: string + type: object + required: + - instances + type: object + status: + description: 'Most recently observed status of the cluster. This data + may not be up to date. Populated by the system. Read-only. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + azurePVCUpdateEnabled: + description: AzurePVCUpdateEnabled shows if the PVC online upgrade + is enabled for this cluster + type: boolean + certificates: + description: The configuration for the CA and related certificates, + initialized with defaults. + properties: + clientCASecret: + description: 'The secret containing the Client CA certificate. + If not defined, a new secret will be created with a self-signed + CA and will be used to generate all the client certificates.

Contains:

- `ca.crt`: CA that should + be used to validate the client certificates, used as `ssl_ca_file` + of all the instances.
- `ca.key`: key used to generate + client certificates, if ReplicationTLSSecret is provided, this + can be omitted.
' + type: string + expirations: + additionalProperties: + type: string + description: Expiration dates for all certificates. + type: object + replicationTLSSecret: + description: The secret of type kubernetes.io/tls containing the + client certificate to authenticate as the `streaming_replica` + user. If not defined, ClientCASecret must provide also `ca.key`, + and a new secret will be created using the provided CA. + type: string + serverAltDNSNames: + description: The list of the server alternative DNS names to be + added to the generated server TLS certificates, when required. + items: + type: string + type: array + serverCASecret: + description: 'The secret containing the Server CA certificate. + If not defined, a new secret will be created with a self-signed + CA and will be used to generate the TLS certificate ServerTLSSecret.

Contains:

- `ca.crt`: CA that should + be used to validate the server certificate, used as `sslrootcert` + in client connection strings.
- `ca.key`: key used to + generate Server SSL certs, if ServerTLSSecret is provided, this + can be omitted.
' + type: string + serverTLSSecret: + description: The secret of type kubernetes.io/tls containing the + server TLS certificate and key that will be set as `ssl_cert_file` + and `ssl_key_file` so that clients can connect to postgres securely. + If not defined, ServerCASecret must provide also `ca.key` and + a new secret will be created using the provided CA. + type: string + type: object + cloudNativePGCommitHash: + description: The commit hash number of which this operator running + type: string + cloudNativePGOperatorHash: + description: The hash of the binary of the operator + type: string + conditions: + description: Conditions for cluster object + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + configMapResourceVersion: + description: The list of resource versions of the configmaps, managed + by the operator. Every change here is done in the interest of the + instance manager, which will refresh the configmap data + properties: + metrics: + additionalProperties: + type: string + description: A map with the versions of all the config maps used + to pass metrics. Map keys are the config map names, map values + are the versions + type: object + type: object + currentPrimary: + description: Current primary instance + type: string + currentPrimaryFailingSinceTimestamp: + description: The timestamp when the primary was detected to be unhealthy + This field is reported when `.spec.failoverDelay` is populated or + during online upgrades + type: string + currentPrimaryTimestamp: + description: The timestamp when the last actual promotion to primary + has occurred + type: string + danglingPVC: + description: List of all the PVCs created by this cluster and still + available which are not attached to a Pod + items: + type: string + type: array + firstRecoverabilityPoint: + description: The first recoverability point, stored as a date in RFC3339 + format. This field is calculated from the content of FirstRecoverabilityPointByMethod + type: string + firstRecoverabilityPointByMethod: + additionalProperties: + format: date-time + type: string + description: The first recoverability point, stored as a date in RFC3339 + format, per backup method type + type: object + healthyPVC: + description: List of all the PVCs not dangling nor initializing + items: + type: string + type: array + initializingPVC: + description: List of all the PVCs that are being initialized by this + cluster + items: + type: string + type: array + instanceNames: + description: List of instance names in the cluster + items: + type: string + type: array + instances: + description: The total number of PVC Groups detected in the cluster. + It may differ from the number of existing instance pods. + type: integer + instancesReportedState: + additionalProperties: + description: InstanceReportedState describes the last reported state + of an instance during a reconciliation loop + properties: + isPrimary: + description: indicates if an instance is the primary one + type: boolean + timeLineID: + description: indicates on which TimelineId the instance is + type: integer + required: + - isPrimary + type: object + description: The reported state of the instances during the last reconciliation + loop + type: object + instancesStatus: + additionalProperties: + items: + type: string + type: array + description: InstancesStatus indicates in which status the instances + are + type: object + jobCount: + description: How many Jobs have been created by this cluster + format: int32 + type: integer + lastFailedBackup: + description: Stored as a date in RFC3339 format + type: string + lastSuccessfulBackup: + description: Last successful backup, stored as a date in RFC3339 format + This field is calculated from the content of LastSuccessfulBackupByMethod + type: string + lastSuccessfulBackupByMethod: + additionalProperties: + format: date-time + type: string + description: Last successful backup, stored as a date in RFC3339 format, + per backup method type + type: object + latestGeneratedNode: + description: ID of the latest generated node (used to avoid node name + clashing) + type: integer + managedRolesStatus: + description: ManagedRolesStatus reports the state of the managed roles + in the cluster + properties: + byStatus: + additionalProperties: + items: + type: string + type: array + description: ByStatus gives the list of roles in each state + type: object + cannotReconcile: + additionalProperties: + items: + type: string + type: array + description: CannotReconcile lists roles that cannot be reconciled + in PostgreSQL, with an explanation of the cause + type: object + passwordStatus: + additionalProperties: + description: PasswordState represents the state of the password + of a managed RoleConfiguration + properties: + resourceVersion: + description: the resource version of the password secret + type: string + transactionID: + description: the last transaction ID to affect the role + definition in PostgreSQL + format: int64 + type: integer + type: object + description: PasswordStatus gives the last transaction id and + password secret version for each managed role + type: object + type: object + onlineUpdateEnabled: + description: OnlineUpdateEnabled shows if the online upgrade is enabled + inside the cluster + type: boolean + phase: + description: Current phase of the cluster + type: string + phaseReason: + description: Reason for the current phase + type: string + poolerIntegrations: + description: The integration needed by poolers referencing the cluster + properties: + pgBouncerIntegration: + description: PgBouncerIntegrationStatus encapsulates the needed + integration for the pgbouncer poolers referencing the cluster + properties: + secrets: + items: + type: string + type: array + type: object + type: object + pvcCount: + description: How many PVCs have been created by this cluster + format: int32 + type: integer + readService: + description: Current list of read pods + type: string + readyInstances: + description: The total number of ready instances in the cluster. It + is equal to the number of ready instance pods. + type: integer + resizingPVC: + description: List of all the PVCs that have ResizingPVC condition. + items: + type: string + type: array + secretsResourceVersion: + description: The list of resource versions of the secrets managed + by the operator. Every change here is done in the interest of the + instance manager, which will refresh the secret data + properties: + applicationSecretVersion: + description: The resource version of the "app" user secret + type: string + barmanEndpointCA: + description: The resource version of the Barman Endpoint CA if + provided + type: string + caSecretVersion: + description: Unused. Retained for compatibility with old versions. + type: string + clientCaSecretVersion: + description: The resource version of the PostgreSQL client-side + CA secret version + type: string + externalClusterSecretVersion: + additionalProperties: + type: string + description: The resource versions of the external cluster secrets + type: object + managedRoleSecretVersion: + additionalProperties: + type: string + description: The resource versions of the managed roles secrets + type: object + metrics: + additionalProperties: + type: string + description: A map with the versions of all the secrets used to + pass metrics. Map keys are the secret names, map values are + the versions + type: object + replicationSecretVersion: + description: The resource version of the "streaming_replica" user + secret + type: string + serverCaSecretVersion: + description: The resource version of the PostgreSQL server-side + CA secret version + type: string + serverSecretVersion: + description: The resource version of the PostgreSQL server-side + secret version + type: string + superuserSecretVersion: + description: The resource version of the "postgres" user secret + type: string + type: object + tablespacesStatus: + description: TablespacesStatus reports the state of the declarative + tablespaces in the cluster + items: + description: TablespaceState represents the state of a tablespace + in a cluster + properties: + error: + description: Error is the reconciliation error, if any + type: string + name: + description: Name is the name of the tablespace + type: string + owner: + description: Owner is the PostgreSQL user owning the tablespace + type: string + state: + description: State is the latest reconciliation state + type: string + required: + - name + - state + type: object + type: array + targetPrimary: + description: Target primary instance, this is different from the previous + one during a switchover or a failover + type: string + targetPrimaryTimestamp: + description: The timestamp when the last request for a new primary + has occurred + type: string + timelineID: + description: The timeline of the Postgres cluster + type: integer + topology: + description: Instances topology. + properties: + instances: + additionalProperties: + additionalProperties: + type: string + description: PodTopologyLabels represent the topology of a Pod. + map[labelName]labelValue + type: object + description: Instances contains the pod topology of the instances + type: object + nodesUsed: + description: NodesUsed represents the count of distinct nodes + accommodating the instances. A value of '1' suggests that all + instances are hosted on a single node, implying the absence + of High Availability (HA). Ideally, this value should be the + same as the number of instances in the Postgres HA cluster, + implying shared nothing architecture on the compute side. + format: int32 + type: integer + successfullyExtracted: + description: SuccessfullyExtracted indicates if the topology data + was extract. It is useful to enact fallback behaviors in synchronous + replica election in case of failures + type: boolean + type: object + unusablePVC: + description: List of all the PVCs that are unusable because another + PVC is missing + items: + type: string + type: array + writeService: + description: Current write pod + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + scale: + specReplicasPath: .spec.instances + statusReplicasPath: .status.instances + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: poolers.postgresql.cnpg.io +spec: + group: postgresql.cnpg.io + names: + kind: Pooler + listKind: PoolerList + plural: poolers + singular: pooler + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.cluster.name + name: Cluster + type: string + - jsonPath: .spec.type + name: Type + type: string + name: v1 + schema: + openAPIV3Schema: + description: Pooler is the Schema for the poolers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Pooler. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + cluster: + description: This is the cluster reference on which the Pooler will + work. Pooler name should never match with any cluster name within + the same namespace. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + deploymentStrategy: + description: The deployment strategy to use for pgbouncer to replace + existing pods with new ones + properties: + rollingUpdate: + description: 'Rolling update config params. Present only if DeploymentStrategyType + = RollingUpdate. --- TODO: Update this to follow our convention + for oneOf, whatever we decide it to be.' + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of pods that can be scheduled + above the desired number of pods. Value can be an absolute + number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. Absolute number + is calculated from percentage by rounding up. Defaults to + 25%. Example: when this is set to 30%, the new ReplicaSet + can be scaled up immediately when the rolling update starts, + such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, new + ReplicaSet can be scaled up further, ensuring that total + number of pods running at any time during the update is + at most 130% of desired pods.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of pods that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired pods (ex: 10%). Absolute number + is calculated from percentage by rounding down. This can + not be 0 if MaxSurge is 0. Defaults to 25%. Example: when + this is set to 30%, the old ReplicaSet can be scaled down + to 70% of desired pods immediately when the rolling update + starts. Once new pods are ready, old ReplicaSet can be scaled + down further, followed by scaling up the new ReplicaSet, + ensuring that the total number of pods available at all + times during the update is at least 70% of desired pods.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Can be "Recreate" or "RollingUpdate". + Default is RollingUpdate. + type: string + type: object + instances: + default: 1 + description: 'The number of replicas we want. Default: 1.' + format: int32 + type: integer + monitoring: + description: The configuration of the monitoring infrastructure of + this pooler. + properties: + enablePodMonitor: + default: false + description: Enable or disable the `PodMonitor` + type: boolean + podMonitorMetricRelabelings: + description: The list of metric relabelings for the `PodMonitor`. + Applied to samples before ingestion. + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as well + as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + podMonitorRelabelings: + description: The list of relabelings for the `PodMonitor`. Applied + to samples before scraping. + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as well + as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, `HashMod`, + `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + type: object + pgbouncer: + description: The PgBouncer configuration + properties: + authQuery: + description: 'The query that will be used to download the hash + of the password of a certain user. Default: "SELECT usename, + passwd FROM user_search($1)". In case it is specified, also + an AuthQuerySecret has to be specified and no automatic CNPG + Cluster integration will be triggered.' + type: string + authQuerySecret: + description: The credentials of the user that need to be used + for the authentication query. In case it is specified, also + an AuthQuery (e.g. "SELECT usename, passwd FROM pg_shadow WHERE + usename=$1") has to be specified and no automatic CNPG Cluster + integration will be triggered. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + parameters: + additionalProperties: + type: string + description: Additional parameters to be passed to PgBouncer - + please check the CNPG documentation for a list of options you + can configure + type: object + paused: + default: false + description: When set to `true`, PgBouncer will disconnect from + the PostgreSQL server, first waiting for all queries to complete, + and pause all new client connections until this value is set + to `false` (default). Internally, the operator calls PgBouncer's + `PAUSE` and `RESUME` commands. + type: boolean + pg_hba: + description: PostgreSQL Host Based Authentication rules (lines + to be appended to the pg_hba.conf file) + items: + type: string + type: array + poolMode: + default: session + description: 'The pool mode. Default: `session`.' + enum: + - session + - transaction + type: string + type: object + template: + description: The template of the Pod to be created + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the pod. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + activeDeadlineSeconds: + description: Optional duration in seconds the pod may be active + on the node relative to StartTime before the system will + actively try to mark it failed and kill associated containers. + Value must be a positive integer. + format: int64 + type: integer + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + description: AutomountServiceAccountToken indicates whether + a service account token should be automatically mounted. + type: boolean + containers: + description: List of containers belonging to the pod. Containers + cannot currently be added or removed. There must be at least + one container in a Pod. Cannot be updated. + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The container image''s ENTRYPOINT is used + if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on + the default "0.0.0.0" address inside a container will + be accessible from the network. Modifying this array + with strategic merge patch may corrupt the data. For + more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this + resource resize policy applies. Supported values: + cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior + of individual containers in a pod. This field may + only be set for init containers, and the only allowed + value is "Always". For non-init containers or when + this field is not specified, the restart behavior + is defined by the Pod''s restart policy and the container + type. Setting the RestartPolicy as "Always" for the + init container will have the following effect: this + init container will be continually restarted on exit + until all regular containers have terminated. Once + all regular containers have completed, all init containers + with restartPolicy "Always" will be shut down. This + lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although + this init container still starts in the init container + sequence, it does not wait for the container to complete + before proceeding to the next init container. Instead, + the next init container starts immediately after this + init container is started, or after any startupProbe + has successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must be set if type is "Localhost". + Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and + non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + description: Specifies the DNS parameters of a pod. Parameters + specified here will be merged to the generated DNS configuration + based on DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. This + will be appended to the base nameservers generated from + DNSPolicy. Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This will + be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options + given in Options will override those that appear in + the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver + options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name + lookup. This will be appended to the base search paths + generated from DNSPolicy. Duplicated search paths will + be removed. + items: + type: string + type: array + type: object + dnsPolicy: + description: Set DNS policy for the pod. Defaults to "ClusterFirst". + Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', + 'Default' or 'None'. DNS parameters given in DNSConfig will + be merged with the policy selected with DNSPolicy. To have + DNS options set along with hostNetwork, you have to specify + DNS policy explicitly to 'ClusterFirstWithHostNet'. + type: string + enableServiceLinks: + description: 'EnableServiceLinks indicates whether information + about services should be injected into pod''s environment + variables, matching the syntax of Docker links. Optional: + Defaults to true.' + type: boolean + ephemeralContainers: + description: List of ephemeral containers run in this pod. + Ephemeral containers may be run in an existing pod to perform + user-initiated actions such as debugging. This list cannot + be specified when creating a pod, and it cannot be modified + by updating the pod spec. In order to add an ephemeral container + to an existing pod, use the pod's ephemeralcontainers subresource. + items: + description: "An EphemeralContainer is a temporary container + that you may add to an existing Pod for user-initiated + activities such as debugging. Ephemeral containers have + no resource or scheduling guarantees, and they will not + be restarted when they exit or when a Pod is removed or + restarted. The kubelet may evict a Pod if an ephemeral + container causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers may + not be removed or restarted." + properties: + args: + description: 'Arguments to the entrypoint. The image''s + CMD is used if this is not provided. Variable references + $(VAR_NAME) are expanded using the container''s environment. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The image''s ENTRYPOINT is used if this is + not provided. Variable references $(VAR_NAME) are + expanded using the container''s environment. If a + variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified + as a DNS_LABEL. This name must be unique among all + containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this + resource resize policy applies. Supported values: + cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: Restart policy for the container to manage + the restart behavior of each container within a pod. + This may only be set for init containers. You cannot + set this field on ephemeral containers. + type: string + securityContext: + description: 'Optional: SecurityContext defines the + security options the ephemeral container should be + run with. If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must be set if type is "Localhost". + Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and + non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container from + PodSpec that this ephemeral container targets. The + ephemeral container will be run in the namespaces + (IPC, PID, etc) of this container. If not set then + the ephemeral container uses the namespaces configured + in the Pod spec. \n The container runtime must implement + support for this feature. If the runtime does not + support namespace targeting then the result of setting + this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed for ephemeral + containers. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + hostAliases: + description: HostAliases is an optional list of hosts and + IPs that will be injected into the pod's hosts file if specified. + This is only valid for non-hostNetwork pods. + items: + description: HostAlias holds the mapping between IP and + hostnames that will be injected as an entry in the pod's + hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + hostIPC: + description: 'Use the host''s ipc namespace. Optional: Default + to false.' + type: boolean + hostNetwork: + description: Host networking requested for this pod. Use the + host's network namespace. If this option is set, the ports + that will be used must be specified. Default to false. + type: boolean + hostPID: + description: 'Use the host''s pid namespace. Optional: Default + to false.' + type: boolean + hostUsers: + description: 'Use the host''s user namespace. Optional: Default + to true. If set to true or not present, the pod will be + run in the host user namespace, useful for when the pod + needs a feature only available to the host user namespace, + such as loading a kernel module with CAP_SYS_MODULE. When + set to false, a new userns is created for the pod. Setting + false is useful for mitigating container breakout vulnerabilities + even allowing users to run their containers as root without + actually having root privileges on the host. This field + is alpha-level and is only honored by servers that enable + the UserNamespacesSupport feature.' + type: boolean + hostname: + description: Specifies the hostname of the Pod If not specified, + the pod's hostname will be set to a system-defined value. + type: string + imagePullSecrets: + description: 'ImagePullSecrets is an optional list of references + to secrets in the same namespace to use for pulling any + of the images used by this PodSpec. If specified, these + secrets will be passed to individual puller implementations + for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'List of initialization containers belonging + to the pod. Init containers are executed in order prior + to containers being started. If any init container fails, + the pod is considered to have failed and is handled according + to its restartPolicy. The name for an init container or + normal container must be unique among all containers. Init + containers may not have Lifecycle actions, Readiness probes, + Liveness probes, or Startup probes. The resourceRequirements + of an init container are taken into account during scheduling + by finding the highest request/limit for each resource type, + and then using the max of of that value or the sum of the + normal containers. Limits are applied to init containers + in a similar fashion. Init containers cannot currently be + added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The container image''s ENTRYPOINT is used + if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on + the default "0.0.0.0" address inside a container will + be accessible from the network. Modifying this array + with strategic merge patch may corrupt the data. For + more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which this + resource resize policy applies. Supported values: + cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. If not specified, it defaults + to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart behavior + of individual containers in a pod. This field may + only be set for init containers, and the only allowed + value is "Always". For non-init containers or when + this field is not specified, the restart behavior + is defined by the Pod''s restart policy and the container + type. Setting the RestartPolicy as "Always" for the + init container will have the following effect: this + init container will be continually restarted on exit + until all regular containers have terminated. Once + all regular containers have completed, all init containers + with restartPolicy "Always" will be shut down. This + lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although + this init container still starts in the init container + sequence, it does not wait for the container to complete + before proceeding to the next init container. Instead, + the next init container starts immediately after this + init container is started, or after any startupProbe + has successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must be set if type is "Localhost". + Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and + non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. This + will be canonicalized upon output, so + case-variant names will be understood + as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + nodeName: + description: NodeName is a request to schedule this pod onto + a specific node. If it is non-empty, the scheduler simply + schedules this pod onto that node, assuming that it fits + resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true + for the pod to fit on a node. Selector which must match + a node''s labels for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + os: + description: "Specifies the OS of the containers in the pod. + Some pod and container fields are restricted if this is + set. \n If the OS field is set to linux, the following fields + must be unset: -securityContext.windowsOptions \n If the + OS field is set to windows, following fields must be unset: + - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions + - spec.securityContext.seccompProfile - spec.securityContext.fsGroup + - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls + - spec.shareProcessNamespace - spec.securityContext.runAsUser + - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups + - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser + - spec.containers[*].securityContext.runAsGroup" + properties: + name: + description: 'Name is the name of the operating system. + The currently supported values are linux and windows. + Additional value may be defined in future and can be + one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values and + treat unrecognized values in this field as os: null' + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Overhead represents the resource overhead associated + with running a pod for a given RuntimeClass. This field + will be autopopulated at admission time by the RuntimeClass + admission controller. If the RuntimeClass admission controller + is enabled, overhead must not be set in Pod create requests. + The RuntimeClass admission controller will reject Pod create + requests which have the overhead already set. If RuntimeClass + is configured and selected in the PodSpec, Overhead will + be set to the value defined in the corresponding RuntimeClass, + otherwise it will remain unset and treated as zero. More + info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' + type: object + preemptionPolicy: + description: PreemptionPolicy is the Policy for preempting + pods with lower priority. One of Never, PreemptLowerPriority. + Defaults to PreemptLowerPriority if unset. + type: string + priority: + description: The priority value. Various system components + use this field to find the priority of the pod. When Priority + Admission Controller is enabled, it prevents users from + setting this field. The admission controller populates this + field from PriorityClassName. The higher the value, the + higher the priority. + format: int32 + type: integer + priorityClassName: + description: If specified, indicates the pod's priority. "system-node-critical" + and "system-cluster-critical" are two special keywords which + indicate the highest priorities with the former being the + highest priority. Any other name must be defined by creating + a PriorityClass object with that name. If not specified, + the pod priority will be default or zero if there is no + default. + type: string + readinessGates: + description: 'If specified, all readiness gates will be evaluated + for pod readiness. A pod is ready when all its containers + are ready AND all conditions specified in the readiness + gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + items: + description: PodReadinessGate contains the reference to + a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in + the pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + resourceClaims: + description: "ResourceClaims defines which ResourceClaims + must be allocated and reserved before the Pod is allowed + to start. The resources will be made available to those + containers which consume them by name. \n This is an alpha + field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: PodResourceClaim references exactly one ResourceClaim + through a ClaimSource. It adds a name to it that uniquely + identifies the ResourceClaim inside the Pod. Containers + that need access to the ResourceClaim reference it with + this name. + properties: + name: + description: Name uniquely identifies this resource + claim inside the pod. This must be a DNS_LABEL. + type: string + source: + description: Source describes where to find the ResourceClaim. + properties: + resourceClaimName: + description: ResourceClaimName is the name of a + ResourceClaim object in the same namespace as + this pod. + type: string + resourceClaimTemplateName: + description: "ResourceClaimTemplateName is the name + of a ResourceClaimTemplate object in the same + namespace as this pod. \n The template will be + used to create a new ResourceClaim, which will + be bound to this pod. When this pod is deleted, + the ResourceClaim will also be deleted. The pod + name and resource name, along with a generated + component, will be used to form a unique name + for the ResourceClaim, which will be recorded + in pod.status.resourceClaimStatuses. \n This field + is immutable and no changes will be made to the + corresponding ResourceClaim by the control plane + after creating the ResourceClaim." + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + restartPolicy: + description: 'Restart policy for all containers within the + pod. One of Always, OnFailure, Never. In some contexts, + only a subset of those values may be permitted. Default + to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' + type: string + runtimeClassName: + description: 'RuntimeClassName refers to a RuntimeClass object + in the node.k8s.io group, which should be used to run this + pod. If no RuntimeClass resource matches the named class, + the pod will not be run. If unset or empty, the "legacy" + RuntimeClass will be used, which is an implicit class with + an empty definition that uses the default runtime handler. + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' + type: string + schedulerName: + description: If specified, the pod will be dispatched by specified + scheduler. If not specified, the pod will be dispatched + by default scheduler. + type: string + schedulingGates: + description: "SchedulingGates is an opaque list of values + that if specified will block scheduling the pod. If schedulingGates + is not empty, the pod will stay in the SchedulingGated state + and the scheduler will not attempt to schedule the pod. + \n SchedulingGates can only be set at pod creation time, + and be removed only afterwards. \n This is a beta feature + enabled by the PodSchedulingReadiness feature gate." + items: + description: PodSchedulingGate is associated to a Pod to + guard its scheduling. + properties: + name: + description: Name of the scheduling gate. Each scheduling + gate must have a unique name field. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + description: 'SecurityContext holds pod-level security attributes + and common container settings. Optional: Defaults to empty. See + type description for default values of each field.' + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow + the Kubelet to change the ownership of that volume to + be owned by the pod: \n 1. The owning GID will be the + FSGroup 2. The setgid bit is set (new files created + in the volume will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the Kubelet + will not modify the ownership and permissions of any + volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of + changing ownership and permission of the volume before + being exposed inside Pod. This field will only apply + to volume types which support fsGroup based ownership(and + permissions). It will have no effect on ephemeral volume + types such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If not specified, + "Always" is used. Note that this field cannot be set + when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if it + does. If unset or false, no such validation will be + performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence + for that container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all + containers. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. The + profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's + configured seccomp profile location. Must be set + if type is "Localhost". Must NOT be set for any + other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n Localhost + - a profile defined in a file on the node should + be used. RuntimeDefault - the container runtime + default profile should be used. Unconfined - no + profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process + run in each container, in addition to the container's + primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container + process. If unspecified, no additional groups are added + to any container. Note that group memberships defined + in the container image for the uid of the container + process are still effective, even if they are not included + in this list. Note that this field cannot be set when + spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls + used for the pod. Pods with unsupported sysctls (by + the container runtime) might fail to launch. Note that + this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be + set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options within a + container's SecurityContext will be used. If set in + both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of + the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + serviceAccount: + description: 'DeprecatedServiceAccount is a depreciated alias + for ServiceAccountName. Deprecated: Use serviceAccountName + instead.' + type: string + serviceAccountName: + description: 'ServiceAccountName is the name of the ServiceAccount + to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + type: string + setHostnameAsFQDN: + description: If true the pod's hostname will be configured + as the pod's FQDN, rather than the leaf name (the default). + In Linux containers, this means setting the FQDN in the + hostname field of the kernel (the nodename field of struct + utsname). In Windows containers, this means setting the + registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. If a pod does not have FQDN, this has no effect. + Default to false. + type: boolean + shareProcessNamespace: + description: 'Share a single process namespace between all + of the containers in a pod. When this is set containers + will be able to view and signal processes from other containers + in the same pod, and the first process in each container + will not be assigned PID 1. HostPID and ShareProcessNamespace + cannot both be set. Optional: Default to false.' + type: boolean + subdomain: + description: If specified, the fully qualified Pod hostname + will be "...svc.". If not specified, the pod will not have a domainname + at all. + type: string + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to + terminate gracefully. May be decreased in delete request. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). If this value is nil, the default grace period + will be used instead. The grace period is the duration in + seconds after the processes running in the pod are sent + a termination signal and the time when the processes are + forcibly halted with a kill signal. Set this value longer + than the expected cleanup time for your process. Defaults + to 30 seconds. + format: int64 + type: integer + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group + of pods ought to spread across topology domains. Scheduler + will schedule pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys + to select the pods over which spreading will be calculated. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are ANDed with + labelSelector to select the group of existing pods + over which spreading will be calculated for the incoming + pod. The same key is forbidden to exist in both MatchLabelKeys + and LabelSelector. MatchLabelKeys cannot be set when + LabelSelector isn't set. Keys that don't exist in + the incoming pod labels will be ignored. A null or + empty list means only match against labelSelector. + \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. The global minimum is the minimum + number of matching pods in an eligible domain or zero + if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to + 1, and pods with the same labelSelector spread as + 2/2/1: In this case, the global minimum is 1. | zone1 + | zone2 | zone3 | | P P | P P | P | - if MaxSkew + is 1, incoming pod can only be scheduled to zone3 + to become 2/2/2; scheduling it onto zone1(zone2) would + make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto + any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default value + is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number + of eligible domains. When the number of eligible domains + with matching topology keys is less than minDomains, + Pod Topology Spread treats \"global minimum\" as 0, + and then the calculation of Skew is performed. And + when the number of eligible domains with matching + topology keys equals or greater than minDomains, this + value has no effect on scheduling. As a result, when + the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to + those domains. If value is nil, the constraint behaves + as if MinDomains is equal to 1. Valid values are integers + greater than 0. When value is not nil, WhenUnsatisfiable + must be DoNotSchedule. \n For example, in a 3-zone + cluster, MaxSkew is set to 2, MinDomains is set to + 5 and pods with the same labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | | P P | P P | P P | + The number of domains is less than 5(MinDomains), + so \"global minimum\" is treated as 0. In this situation, + new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod + is scheduled to any of the three zones, it will violate + MaxSkew. \n This is a beta field and requires the + MinDomainsInPodTopologySpread feature gate to be enabled + (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will + treat Pod's nodeAffinity/nodeSelector when calculating + pod topology spread skew. Options are: - Honor: only + nodes matching nodeAffinity/nodeSelector are included + in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. + \n If this value is nil, the behavior is equivalent + to the Honor policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will + treat node taints when calculating pod topology spread + skew. Options are: - Honor: nodes without taints, + along with tainted nodes for which the incoming pod + has a toleration, are included. - Ignore: node taints + are ignored. All nodes are included. \n If this value + is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the + NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and try + to put balanced number of pods into each bucket. We + define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose + nodes meet the requirements of nodeAffinityPolicy + and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain + of that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving higher + precedence to topologies that would help reduce the + skew. A constraint is considered "Unsatisfiable" for + an incoming pod if and only if every possible node + assignment for that pod would violate "MaxSkew" on + some topology. For example, in a 3-zone cluster, MaxSkew + is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P + | P | P | If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) + satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make + it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + description: 'List of volumes that can be mounted by containers + belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the + readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk + in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in + the blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure + managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is + a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default + is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is + reference to the authentication secret for User, + default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados + user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a + secret object containing parameters used to connect + to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed + to the associated CSI driver which will determine + the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default + is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The + size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified + here and the sum of memory limits of all containers + in a pod. The default is nil which means that + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver + supports dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on + the connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used + to specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource + when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the + object from which to populate the volume + with data, if a non-empty volume is desired. + This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the dataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. When + namespace is specified in dataSourceRef, + dataSource isn''t set to the same value + and must be empty. There are three important + differences between dataSource and dataSourceRef: + * While dataSource only allows two specific + types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef + preserves all values, and generates an + error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note + that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. See + the ReferenceGrant documentation for + details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names + of resources, defined in spec.resourceClaims, + that are used by this container. \n + This is an alpha field and requires + enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the + name of one entry in pod.spec.resourceClaims + of the Pod where this field + is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + Requests cannot exceed Limits. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name + of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide + identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: driver is the name of the driver to + use for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". The + default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is + reference to the secret object containing sensitive + information to pass to the plugin scripts. This + may be empty if no secret object is specified. + If the secret object contains more than one secret, + all secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset for + Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is + supplied, the volume directory will be the git + repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the + specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that + details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name + that uses an iSCSI transport. Defaults to 'default' + (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically TCP + ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port if + the port is other than default (typically TCP + ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path + are not affected by this setting. This might be + in conflict with other options that affect the + file mode, like fsGroup, and the result can be + other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about the + configMap data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced ConfigMap will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the + secret data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced Secret will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the Secret, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default + is no group + type: string + readOnly: + description: readOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default + is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default + is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Default + is "xfs". + type: string + gateway: + description: gateway is the host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the + ScaleIO Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL + communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that is + associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + type: + default: rw + description: 'Type of service to forward traffic to. Default: `rw`.' + enum: + - rw + - ro + type: string + required: + - cluster + - pgbouncer + type: object + status: + description: 'Most recently observed status of the Pooler. This data may + not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + instances: + description: The number of pods trying to be scheduled + format: int32 + type: integer + secrets: + description: The resource version of the config object + properties: + clientCA: + description: The client CA secret version + properties: + name: + description: The name of the secret + type: string + version: + description: The ResourceVersion of the secret + type: string + type: object + pgBouncerSecrets: + description: The version of the secrets used by PgBouncer + properties: + authQuery: + description: The auth query secret version + properties: + name: + description: The name of the secret + type: string + version: + description: The ResourceVersion of the secret + type: string + type: object + type: object + serverCA: + description: The server CA secret version + properties: + name: + description: The name of the secret + type: string + version: + description: The ResourceVersion of the secret + type: string + type: object + serverTLS: + description: The server TLS secret version + properties: + name: + description: The name of the secret + type: string + version: + description: The ResourceVersion of the secret + type: string + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + scale: + specReplicasPath: .spec.instances + statusReplicasPath: .status.instances + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: scheduledbackups.postgresql.cnpg.io +spec: + group: postgresql.cnpg.io + names: + kind: ScheduledBackup + listKind: ScheduledBackupList + plural: scheduledbackups + singular: scheduledbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.cluster.name + name: Cluster + type: string + - jsonPath: .status.lastScheduleTime + name: Last Backup + type: date + name: v1 + schema: + openAPIV3Schema: + description: ScheduledBackup is the Schema for the scheduledbackups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the ScheduledBackup. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + backupOwnerReference: + default: none + description: 'Indicates which ownerReference should be put inside + the created backup resources.
- none: no owner reference for + created backup objects (same behavior as before the field was introduced)
- self: sets the Scheduled backup object as owner of the backup
- cluster: set the cluster as owner of the backup
' + enum: + - none + - self + - cluster + type: string + cluster: + description: The cluster to backup + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + immediate: + description: If the first backup has to be immediately start after + creation or not + type: boolean + method: + default: barmanObjectStore + description: 'The backup method to be used, possible options are `barmanObjectStore` + and `volumeSnapshot`. Defaults to: `barmanObjectStore`.' + enum: + - barmanObjectStore + - volumeSnapshot + type: string + online: + description: Whether the default type of backup with volume snapshots + is online/hot (`true`, default) or offline/cold (`false`) Overrides + the default setting specified in the cluster field '.spec.backup.volumeSnapshot.online' + type: boolean + onlineConfiguration: + description: Configuration parameters to control the online/hot backup + with volume snapshots Overrides the default settings specified in + the cluster '.backup.volumeSnapshot.onlineConfiguration' stanza + properties: + immediateCheckpoint: + description: Control whether the I/O workload for the backup initial + checkpoint will be limited, according to the `checkpoint_completion_target` + setting on the PostgreSQL server. If set to true, an immediate + checkpoint will be used, meaning PostgreSQL will complete the + checkpoint as soon as possible. `false` by default. + type: boolean + waitForArchive: + default: true + description: If false, the function will return immediately after + the backup is completed, without waiting for WAL to be archived. + This behavior is only useful with backup software that independently + monitors WAL archiving. Otherwise, WAL required to make the + backup consistent might be missing and make the backup useless. + By default, or when this parameter is true, pg_backup_stop will + wait for WAL to be archived when archiving is enabled. On a + standby, this means that it will wait only when archive_mode + = always. If write activity on the primary is low, it may be + useful to run pg_switch_wal on the primary in order to trigger + an immediate segment switch. + type: boolean + type: object + schedule: + description: The schedule does not follow the same format used in + Kubernetes CronJobs as it includes an additional seconds specifier, + see https://pkg.go.dev/github.com/robfig/cron#hdr-CRON_Expression_Format + type: string + suspend: + description: If this backup is suspended or not + type: boolean + target: + description: The policy to decide which instance should perform this + backup. If empty, it defaults to `cluster.spec.backup.target`. Available + options are empty string, `primary` and `prefer-standby`. `primary` + to have backups run always on primary instances, `prefer-standby` + to have backups run preferably on the most updated standby, if available. + enum: + - primary + - prefer-standby + type: string + required: + - cluster + - schedule + type: object + status: + description: 'Most recently observed status of the ScheduledBackup. This + data may not be up to date. Populated by the system. Read-only. More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + lastCheckTime: + description: The latest time the schedule + format: date-time + type: string + lastScheduleTime: + description: Information when was the last time that backup was successfully + scheduled. + format: date-time + type: string + nextScheduleTime: + description: Next time we will run a backup + format: date-time + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cnpg-manager + namespace: cnpg-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cnpg-manager +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - patch + - update +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - pods/status + verbs: + - get +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets/status + verbs: + - get + - patch + - update +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - get + - list + - patch + - update +- apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - get + - list + - patch + - update +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - update +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update +- apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - backups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - backups/status + verbs: + - get + - patch + - update +- apiGroups: + - postgresql.cnpg.io + resources: + - clusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - clusters/finalizers + verbs: + - update +- apiGroups: + - postgresql.cnpg.io + resources: + - clusters/status + verbs: + - get + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - poolers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - poolers/finalizers + verbs: + - update +- apiGroups: + - postgresql.cnpg.io + resources: + - poolers/status + verbs: + - get + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - scheduledbackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - postgresql.cnpg.io + resources: + - scheduledbackups/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - create + - get + - list + - patch + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cnpg-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cnpg-manager +subjects: +- kind: ServiceAccount + name: cnpg-manager + namespace: cnpg-system +--- +apiVersion: v1 +data: + queries: | + backends: + query: | + SELECT sa.datname + , sa.usename + , sa.application_name + , states.state + , COALESCE(sa.count, 0) AS total + , COALESCE(sa.max_tx_secs, 0) AS max_tx_duration_seconds + FROM ( VALUES ('active') + , ('idle') + , ('idle in transaction') + , ('idle in transaction (aborted)') + , ('fastpath function call') + , ('disabled') + ) AS states(state) + LEFT JOIN ( + SELECT datname + , state + , usename + , COALESCE(application_name, '') AS application_name + , COUNT(*) + , COALESCE(EXTRACT (EPOCH FROM (max(now() - xact_start))), 0) AS max_tx_secs + FROM pg_catalog.pg_stat_activity + GROUP BY datname, state, usename, application_name + ) sa ON states.state = sa.state + WHERE sa.usename IS NOT NULL + metrics: + - datname: + usage: "LABEL" + description: "Name of the database" + - usename: + usage: "LABEL" + description: "Name of the user" + - application_name: + usage: "LABEL" + description: "Name of the application" + - state: + usage: "LABEL" + description: "State of the backend" + - total: + usage: "GAUGE" + description: "Number of backends" + - max_tx_duration_seconds: + usage: "GAUGE" + description: "Maximum duration of a transaction in seconds" + + backends_waiting: + query: | + SELECT count(*) AS total + FROM pg_catalog.pg_locks blocked_locks + JOIN pg_catalog.pg_locks blocking_locks + ON blocking_locks.locktype = blocked_locks.locktype + AND blocking_locks.database IS NOT DISTINCT FROM blocked_locks.database + AND blocking_locks.relation IS NOT DISTINCT FROM blocked_locks.relation + AND blocking_locks.page IS NOT DISTINCT FROM blocked_locks.page + AND blocking_locks.tuple IS NOT DISTINCT FROM blocked_locks.tuple + AND blocking_locks.virtualxid IS NOT DISTINCT FROM blocked_locks.virtualxid + AND blocking_locks.transactionid IS NOT DISTINCT FROM blocked_locks.transactionid + AND blocking_locks.classid IS NOT DISTINCT FROM blocked_locks.classid + AND blocking_locks.objid IS NOT DISTINCT FROM blocked_locks.objid + AND blocking_locks.objsubid IS NOT DISTINCT FROM blocked_locks.objsubid + AND blocking_locks.pid != blocked_locks.pid + JOIN pg_catalog.pg_stat_activity blocking_activity ON blocking_activity.pid = blocking_locks.pid + WHERE NOT blocked_locks.granted + metrics: + - total: + usage: "GAUGE" + description: "Total number of backends that are currently waiting on other queries" + + pg_database: + query: | + SELECT datname + , pg_catalog.pg_database_size(datname) AS size_bytes + , pg_catalog.age(datfrozenxid) AS xid_age + , pg_catalog.mxid_age(datminmxid) AS mxid_age + FROM pg_catalog.pg_database + metrics: + - datname: + usage: "LABEL" + description: "Name of the database" + - size_bytes: + usage: "GAUGE" + description: "Disk space used by the database" + - xid_age: + usage: "GAUGE" + description: "Number of transactions from the frozen XID to the current one" + - mxid_age: + usage: "GAUGE" + description: "Number of multiple transactions (Multixact) from the frozen XID to the current one" + + pg_postmaster: + query: | + SELECT EXTRACT(EPOCH FROM pg_postmaster_start_time) AS start_time + FROM pg_catalog.pg_postmaster_start_time() + metrics: + - start_time: + usage: "GAUGE" + description: "Time at which postgres started (based on epoch)" + + pg_replication: + query: "SELECT CASE WHEN ( + NOT pg_catalog.pg_is_in_recovery() + OR pg_catalog.pg_last_wal_receive_lsn() = pg_catalog.pg_last_wal_replay_lsn()) + THEN 0 + ELSE GREATEST (0, + EXTRACT(EPOCH FROM (now() - pg_catalog.pg_last_xact_replay_timestamp()))) + END AS lag, + pg_catalog.pg_is_in_recovery() AS in_recovery, + EXISTS (TABLE pg_stat_wal_receiver) AS is_wal_receiver_up, + (SELECT count(*) FROM pg_catalog.pg_stat_replication) AS streaming_replicas" + metrics: + - lag: + usage: "GAUGE" + description: "Replication lag behind primary in seconds" + - in_recovery: + usage: "GAUGE" + description: "Whether the instance is in recovery" + - is_wal_receiver_up: + usage: "GAUGE" + description: "Whether the instance wal_receiver is up" + - streaming_replicas: + usage: "GAUGE" + description: "Number of streaming replicas connected to the instance" + + pg_replication_slots: + query: | + SELECT slot_name, + slot_type, + database, + active, + (CASE pg_catalog.pg_is_in_recovery() + WHEN TRUE THEN pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_last_wal_receive_lsn(), restart_lsn) + ELSE pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), restart_lsn) + END) as pg_wal_lsn_diff + FROM pg_catalog.pg_replication_slots + WHERE NOT temporary + metrics: + - slot_name: + usage: "LABEL" + description: "Name of the replication slot" + - slot_type: + usage: "LABEL" + description: "Type of the replication slot" + - database: + usage: "LABEL" + description: "Name of the database" + - active: + usage: "GAUGE" + description: "Flag indicating whether the slot is active" + - pg_wal_lsn_diff: + usage: "GAUGE" + description: "Replication lag in bytes" + + pg_stat_archiver: + query: | + SELECT archived_count + , failed_count + , COALESCE(EXTRACT(EPOCH FROM (now() - last_archived_time)), -1) AS seconds_since_last_archival + , COALESCE(EXTRACT(EPOCH FROM (now() - last_failed_time)), -1) AS seconds_since_last_failure + , COALESCE(EXTRACT(EPOCH FROM last_archived_time), -1) AS last_archived_time + , COALESCE(EXTRACT(EPOCH FROM last_failed_time), -1) AS last_failed_time + , COALESCE(CAST(CAST('x'||pg_catalog.right(pg_catalog.split_part(last_archived_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_archived_wal_start_lsn + , COALESCE(CAST(CAST('x'||pg_catalog.right(pg_catalog.split_part(last_failed_wal, '.', 1), 16) AS pg_catalog.bit(64)) AS pg_catalog.int8), -1) AS last_failed_wal_start_lsn + , EXTRACT(EPOCH FROM stats_reset) AS stats_reset_time + FROM pg_catalog.pg_stat_archiver + metrics: + - archived_count: + usage: "COUNTER" + description: "Number of WAL files that have been successfully archived" + - failed_count: + usage: "COUNTER" + description: "Number of failed attempts for archiving WAL files" + - seconds_since_last_archival: + usage: "GAUGE" + description: "Seconds since the last successful archival operation" + - seconds_since_last_failure: + usage: "GAUGE" + description: "Seconds since the last failed archival operation" + - last_archived_time: + usage: "GAUGE" + description: "Epoch of the last time WAL archiving succeeded" + - last_failed_time: + usage: "GAUGE" + description: "Epoch of the last time WAL archiving failed" + - last_archived_wal_start_lsn: + usage: "GAUGE" + description: "Archived WAL start LSN" + - last_failed_wal_start_lsn: + usage: "GAUGE" + description: "Last failed WAL LSN" + - stats_reset_time: + usage: "GAUGE" + description: "Time at which these statistics were last reset" + + pg_stat_bgwriter: + query: | + SELECT checkpoints_timed + , checkpoints_req + , checkpoint_write_time + , checkpoint_sync_time + , buffers_checkpoint + , buffers_clean + , maxwritten_clean + , buffers_backend + , buffers_backend_fsync + , buffers_alloc + FROM pg_catalog.pg_stat_bgwriter + metrics: + - checkpoints_timed: + usage: "COUNTER" + description: "Number of scheduled checkpoints that have been performed" + - checkpoints_req: + usage: "COUNTER" + description: "Number of requested checkpoints that have been performed" + - checkpoint_write_time: + usage: "COUNTER" + description: "Total amount of time that has been spent in the portion of checkpoint processing where files are written to disk, in milliseconds" + - checkpoint_sync_time: + usage: "COUNTER" + description: "Total amount of time that has been spent in the portion of checkpoint processing where files are synchronized to disk, in milliseconds" + - buffers_checkpoint: + usage: "COUNTER" + description: "Number of buffers written during checkpoints" + - buffers_clean: + usage: "COUNTER" + description: "Number of buffers written by the background writer" + - maxwritten_clean: + usage: "COUNTER" + description: "Number of times the background writer stopped a cleaning scan because it had written too many buffers" + - buffers_backend: + usage: "COUNTER" + description: "Number of buffers written directly by a backend" + - buffers_backend_fsync: + usage: "COUNTER" + description: "Number of times a backend had to execute its own fsync call (normally the background writer handles those even when the backend does its own write)" + - buffers_alloc: + usage: "COUNTER" + description: "Number of buffers allocated" + + pg_stat_database: + query: | + SELECT datname + , xact_commit + , xact_rollback + , blks_read + , blks_hit + , tup_returned + , tup_fetched + , tup_inserted + , tup_updated + , tup_deleted + , conflicts + , temp_files + , temp_bytes + , deadlocks + , blk_read_time + , blk_write_time + FROM pg_catalog.pg_stat_database + metrics: + - datname: + usage: "LABEL" + description: "Name of this database" + - xact_commit: + usage: "COUNTER" + description: "Number of transactions in this database that have been committed" + - xact_rollback: + usage: "COUNTER" + description: "Number of transactions in this database that have been rolled back" + - blks_read: + usage: "COUNTER" + description: "Number of disk blocks read in this database" + - blks_hit: + usage: "COUNTER" + description: "Number of times disk blocks were found already in the buffer cache, so that a read was not necessary (this only includes hits in the PostgreSQL buffer cache, not the operating system's file system cache)" + - tup_returned: + usage: "COUNTER" + description: "Number of rows returned by queries in this database" + - tup_fetched: + usage: "COUNTER" + description: "Number of rows fetched by queries in this database" + - tup_inserted: + usage: "COUNTER" + description: "Number of rows inserted by queries in this database" + - tup_updated: + usage: "COUNTER" + description: "Number of rows updated by queries in this database" + - tup_deleted: + usage: "COUNTER" + description: "Number of rows deleted by queries in this database" + - conflicts: + usage: "COUNTER" + description: "Number of queries canceled due to conflicts with recovery in this database" + - temp_files: + usage: "COUNTER" + description: "Number of temporary files created by queries in this database" + - temp_bytes: + usage: "COUNTER" + description: "Total amount of data written to temporary files by queries in this database" + - deadlocks: + usage: "COUNTER" + description: "Number of deadlocks detected in this database" + - blk_read_time: + usage: "COUNTER" + description: "Time spent reading data file blocks by backends in this database, in milliseconds" + - blk_write_time: + usage: "COUNTER" + description: "Time spent writing data file blocks by backends in this database, in milliseconds" + + pg_stat_replication: + primary: true + query: | + SELECT usename + , COALESCE(application_name, '') AS application_name + , COALESCE(client_addr::text, '') AS client_addr + , COALESCE(client_port::text, '') AS client_port + , EXTRACT(EPOCH FROM backend_start) AS backend_start + , COALESCE(pg_catalog.age(backend_xmin), 0) AS backend_xmin_age + , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), sent_lsn) AS sent_diff_bytes + , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), write_lsn) AS write_diff_bytes + , pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), flush_lsn) AS flush_diff_bytes + , COALESCE(pg_catalog.pg_wal_lsn_diff(pg_catalog.pg_current_wal_lsn(), replay_lsn),0) AS replay_diff_bytes + , COALESCE((EXTRACT(EPOCH FROM write_lag)),0)::float AS write_lag_seconds + , COALESCE((EXTRACT(EPOCH FROM flush_lag)),0)::float AS flush_lag_seconds + , COALESCE((EXTRACT(EPOCH FROM replay_lag)),0)::float AS replay_lag_seconds + FROM pg_catalog.pg_stat_replication + metrics: + - usename: + usage: "LABEL" + description: "Name of the replication user" + - application_name: + usage: "LABEL" + description: "Name of the application" + - client_addr: + usage: "LABEL" + description: "Client IP address" + - client_port: + usage: "LABEL" + description: "Client TCP port" + - backend_start: + usage: "COUNTER" + description: "Time when this process was started" + - backend_xmin_age: + usage: "COUNTER" + description: "The age of this standby's xmin horizon" + - sent_diff_bytes: + usage: "GAUGE" + description: "Difference in bytes from the last write-ahead log location sent on this connection" + - write_diff_bytes: + usage: "GAUGE" + description: "Difference in bytes from the last write-ahead log location written to disk by this standby server" + - flush_diff_bytes: + usage: "GAUGE" + description: "Difference in bytes from the last write-ahead log location flushed to disk by this standby server" + - replay_diff_bytes: + usage: "GAUGE" + description: "Difference in bytes from the last write-ahead log location replayed into the database on this standby server" + - write_lag_seconds: + usage: "GAUGE" + description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written it" + - flush_lag_seconds: + usage: "GAUGE" + description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written and flushed it" + - replay_lag_seconds: + usage: "GAUGE" + description: "Time elapsed between flushing recent WAL locally and receiving notification that this standby server has written, flushed and applied it" + + pg_settings: + query: | + SELECT name, + CASE setting WHEN 'on' THEN '1' WHEN 'off' THEN '0' ELSE setting END AS setting + FROM pg_catalog.pg_settings + WHERE vartype IN ('integer', 'real', 'bool') + ORDER BY 1 + metrics: + - name: + usage: "LABEL" + description: "Name of the setting" + - setting: + usage: "GAUGE" + description: "Setting value" +kind: ConfigMap +metadata: + labels: + cnpg.io/reload: "" + name: cnpg-default-monitoring + namespace: cnpg-system +--- +apiVersion: v1 +kind: Service +metadata: + name: cnpg-webhook-service + namespace: cnpg-system +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + app.kubernetes.io/name: cloudnative-pg +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: cloudnative-pg + name: cnpg-controller-manager + namespace: cnpg-system +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: cloudnative-pg + template: + metadata: + labels: + app.kubernetes.io/name: cloudnative-pg + spec: + containers: + - args: + - controller + - --leader-elect + - --config-map-name=cnpg-controller-manager-config + - --secret-name=cnpg-controller-manager-config + - --webhook-port=9443 + command: + - /manager + env: + - name: OPERATOR_IMAGE_NAME + value: ghcr.io/cloudnative-pg/cloudnative-pg:1.22.1 + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MONITORING_QUERIES_CONFIGMAP + value: cnpg-default-monitoring + image: ghcr.io/cloudnative-pg/cloudnative-pg:1.22.1 + livenessProbe: + httpGet: + path: /readyz + port: 9443 + scheme: HTTPS + name: manager + ports: + - containerPort: 8080 + name: metrics + protocol: TCP + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 9443 + scheme: HTTPS + resources: + limits: + cpu: 100m + memory: 200Mi + requests: + cpu: 100m + memory: 100Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 10001 + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /controller + name: scratch-data + - mountPath: /run/secrets/cnpg.io/webhook + name: webhook-certificates + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + serviceAccountName: cnpg-manager + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: scratch-data + - name: webhook-certificates + secret: + defaultMode: 420 + optional: true + secretName: cnpg-webhook-cert +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: cnpg-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /mutate-postgresql-cnpg-io-v1-backup + failurePolicy: Fail + name: mbackup.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - backups + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /mutate-postgresql-cnpg-io-v1-cluster + failurePolicy: Fail + name: mcluster.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - clusters + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /mutate-postgresql-cnpg-io-v1-scheduledbackup + failurePolicy: Fail + name: mscheduledbackup.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - scheduledbackups + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: cnpg-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /validate-postgresql-cnpg-io-v1-backup + failurePolicy: Fail + name: vbackup.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - backups + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /validate-postgresql-cnpg-io-v1-cluster + failurePolicy: Fail + name: vcluster.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - clusters + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /validate-postgresql-cnpg-io-v1-pooler + failurePolicy: Fail + name: vpooler.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - poolers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cnpg-webhook-service + namespace: cnpg-system + path: /validate-postgresql-cnpg-io-v1-scheduledbackup + failurePolicy: Fail + name: vscheduledbackup.cnpg.io + rules: + - apiGroups: + - postgresql.cnpg.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - scheduledbackups + sideEffects: None diff --git a/data/cloudnative-pg_cloudnative_pg/context.json b/data/cloudnative-pg_cloudnative_pg/context.json new file mode 100644 index 0000000000..b449f382e5 --- /dev/null +++ b/data/cloudnative-pg_cloudnative_pg/context.json @@ -0,0 +1,4659 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.13.0" + }, + "creationTimestamp": "2024-02-21T04:22:52Z", + "generation": 1, + "name": "clusters.postgresql.cnpg.io", + "resourceVersion": "621", + "uid": "5145e988-32b8-4d82-b26d-4344fa805399" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "postgresql.cnpg.io", + "names": { + "kind": "Cluster", + "listKind": "ClusterList", + "plural": "clusters", + "singular": "cluster" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + }, + { + "description": "Number of instances", + "jsonPath": ".status.instances", + "name": "Instances", + "type": "integer" + }, + { + "description": "Number of ready instances", + "jsonPath": ".status.readyInstances", + "name": "Ready", + "type": "integer" + }, + { + "description": "Cluster current status", + "jsonPath": ".status.phase", + "name": "Status", + "type": "string" + }, + { + "description": "Primary pod", + "jsonPath": ".status.currentPrimary", + "name": "Primary", + "type": "string" + } + ], + "name": "v1", + "schema": { + "openAPIV3Schema": { + "description": "Cluster is the Schema for the PostgreSQL API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "Specification of the desired behavior of the cluster. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "affinity": { + "description": "Affinity/Anti-affinity rules for Pods", + "properties": { + "additionalPodAffinity": { + "description": "AdditionalPodAffinity allows to specify pod affinity terms to be passed to all the cluster's pods.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "additionalPodAntiAffinity": { + "description": "AdditionalPodAntiAffinity allows to specify pod anti-affinity terms to be added to the ones generated by the operator if EnablePodAntiAffinity is set to true (default) or to be used exclusively if set to false.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "enablePodAntiAffinity": { + "description": "Activates anti-affinity for the pods. The operator will define pods anti-affinity unless this field is explicitly set to false", + "type": "boolean" + }, + "nodeAffinity": { + "description": "NodeAffinity describes node affinity scheduling rules for the pod. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector is map of key-value pairs used to define the nodes on which the pods can run. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", + "type": "object" + }, + "podAntiAffinityType": { + "description": "PodAntiAffinityType allows the user to decide whether pod anti-affinity between cluster instance has to be considered a strong requirement during scheduling or not. Allowed values are: \"preferred\" (default if empty) or \"required\". Setting it to \"required\", could lead to instances remaining pending until new kubernetes nodes are added if all the existing nodes don't match the required pod anti-affinity rule. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity", + "type": "string" + }, + "tolerations": { + "description": "Tolerations is a list of Tolerations that should be set for all the pods, in order to allow them to run on tainted nodes. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologyKey": { + "description": "TopologyKey to use for anti-affinity configuration. See k8s documentation for more info on that", + "type": "string" + } + }, + "type": "object" + }, + "backup": { + "description": "The configuration to be used for backups", + "properties": { + "barmanObjectStore": { + "description": "The configuration for the barman-cloud tool suite", + "properties": { + "azureCredentials": { + "description": "The credentials to use to upload data to Azure Blob Storage", + "properties": { + "connectionString": { + "description": "The connection string to be used", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "inheritFromAzureAD": { + "description": "Use the Azure AD based authentication without providing explicitly the keys.", + "type": "boolean" + }, + "storageAccount": { + "description": "The storage account where to upload data", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "storageKey": { + "description": "The storage account key to be used in conjunction with the storage account name", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "storageSasToken": { + "description": "A shared-access-signature to be used in conjunction with the storage account name", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "data": { + "description": "The configuration to be used to backup the data files When not defined, base backups files will be stored uncompressed and may be unencrypted in the object store, according to the bucket default policy.", + "properties": { + "compression": { + "description": "Compress a backup file (a tar file per tablespace) while streaming it to the object store. Available options are empty string (no compression, default), `gzip`, `bzip2` or `snappy`.", + "enum": [ + "gzip", + "bzip2", + "snappy" + ], + "type": "string" + }, + "encryption": { + "description": "Whenever to force the encryption of files (if the bucket is not already configured for that). Allowed options are empty string (use the bucket policy, default), `AES256` and `aws:kms`", + "enum": [ + "AES256", + "aws:kms" + ], + "type": "string" + }, + "immediateCheckpoint": { + "description": "Control whether the I/O workload for the backup initial checkpoint will be limited, according to the `checkpoint_completion_target` setting on the PostgreSQL server. If set to true, an immediate checkpoint will be used, meaning PostgreSQL will complete the checkpoint as soon as possible. `false` by default.", + "type": "boolean" + }, + "jobs": { + "description": "The number of parallel jobs to be used to upload the backup, defaults to 2", + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "destinationPath": { + "description": "The path where to store the backup (i.e. s3://bucket/path/to/folder) this path, with different destination folders, will be used for WALs and for data", + "minLength": 1, + "type": "string" + }, + "endpointCA": { + "description": "EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "endpointURL": { + "description": "Endpoint to be used to upload data to the cloud, overriding the automatic endpoint discovery", + "type": "string" + }, + "googleCredentials": { + "description": "The credentials to use to upload data to Google Cloud Storage", + "properties": { + "applicationCredentials": { + "description": "The secret containing the Google Cloud Storage JSON file with the credentials", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "gkeEnvironment": { + "description": "If set to true, will presume that it's running inside a GKE environment, default to false.", + "type": "boolean" + } + }, + "type": "object" + }, + "historyTags": { + "additionalProperties": { + "type": "string" + }, + "description": "HistoryTags is a list of key value pairs that will be passed to the Barman --history-tags option.", + "type": "object" + }, + "s3Credentials": { + "description": "The credentials to use to upload data to S3", + "properties": { + "accessKeyId": { + "description": "The reference to the access key id", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "inheritFromIAMRole": { + "description": "Use the role based authentication without providing explicitly the keys.", + "type": "boolean" + }, + "region": { + "description": "The reference to the secret containing the region name", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "secretAccessKey": { + "description": "The reference to the secret access key", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "sessionToken": { + "description": "The references to the session key", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "serverName": { + "description": "The server name on S3, the cluster name is used if this parameter is omitted", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Tags is a list of key value pairs that will be passed to the Barman --tags option.", + "type": "object" + }, + "wal": { + "description": "The configuration for the backup of the WAL stream. When not defined, WAL files will be stored uncompressed and may be unencrypted in the object store, according to the bucket default policy.", + "properties": { + "compression": { + "description": "Compress a WAL file before sending it to the object store. Available options are empty string (no compression, default), `gzip`, `bzip2` or `snappy`.", + "enum": [ + "gzip", + "bzip2", + "snappy" + ], + "type": "string" + }, + "encryption": { + "description": "Whenever to force the encryption of files (if the bucket is not already configured for that). Allowed options are empty string (use the bucket policy, default), `AES256` and `aws:kms`", + "enum": [ + "AES256", + "aws:kms" + ], + "type": "string" + }, + "maxParallel": { + "description": "Number of WAL files to be either archived in parallel (when the PostgreSQL instance is archiving to a backup object store) or restored in parallel (when a PostgreSQL standby is fetching WAL files from a recovery object store). If not specified, WAL files will be processed one at a time. It accepts a positive integer as a value - with 1 being the minimum accepted value.", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "destinationPath" + ], + "type": "object" + }, + "retentionPolicy": { + "description": "RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). The retention policy is expressed in the form of `XXu` where `XX` is a positive integer and `u` is in `[dwm]` - days, weeks, months. It's currently only applicable when using the BarmanObjectStore method.", + "pattern": "^[1-9][0-9]*[dwm]$", + "type": "string" + }, + "target": { + "default": "prefer-standby", + "description": "The policy to decide which instance should perform backups. Available options are empty string, which will default to `prefer-standby` policy, `primary` to have backups run always on primary instances, `prefer-standby` to have backups run preferably on the most updated standby, if available.", + "enum": [ + "primary", + "prefer-standby" + ], + "type": "string" + }, + "volumeSnapshot": { + "description": "VolumeSnapshot provides the configuration for the execution of volume snapshot backups.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations key-value pairs that will be added to .metadata.annotations snapshot resources.", + "type": "object" + }, + "className": { + "description": "ClassName specifies the Snapshot Class to be used for PG_DATA PersistentVolumeClaim. It is the default class for the other types if no specific class is present", + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels are key-value pairs that will be added to .metadata.labels snapshot resources.", + "type": "object" + }, + "online": { + "default": true, + "description": "Whether the default type of backup with volume snapshots is online/hot (`true`, default) or offline/cold (`false`)", + "type": "boolean" + }, + "onlineConfiguration": { + "default": { + "immediateCheckpoint": false, + "waitForArchive": true + }, + "description": "Configuration parameters to control the online/hot backup with volume snapshots", + "properties": { + "immediateCheckpoint": { + "description": "Control whether the I/O workload for the backup initial checkpoint will be limited, according to the `checkpoint_completion_target` setting on the PostgreSQL server. If set to true, an immediate checkpoint will be used, meaning PostgreSQL will complete the checkpoint as soon as possible. `false` by default.", + "type": "boolean" + }, + "waitForArchive": { + "default": true, + "description": "If false, the function will return immediately after the backup is completed, without waiting for WAL to be archived. This behavior is only useful with backup software that independently monitors WAL archiving. Otherwise, WAL required to make the backup consistent might be missing and make the backup useless. By default, or when this parameter is true, pg_backup_stop will wait for WAL to be archived when archiving is enabled. On a standby, this means that it will wait only when archive_mode = always. If write activity on the primary is low, it may be useful to run pg_switch_wal on the primary in order to trigger an immediate segment switch.", + "type": "boolean" + } + }, + "type": "object" + }, + "snapshotOwnerReference": { + "default": "none", + "description": "SnapshotOwnerReference indicates the type of owner reference the snapshot should have", + "enum": [ + "none", + "cluster", + "backup" + ], + "type": "string" + }, + "tablespaceClassName": { + "additionalProperties": { + "type": "string" + }, + "description": "TablespaceClassName specifies the Snapshot Class to be used for the tablespaces. defaults to the PGDATA Snapshot Class, if set", + "type": "object" + }, + "walClassName": { + "description": "WalClassName specifies the Snapshot Class to be used for the PG_WAL PersistentVolumeClaim.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "bootstrap": { + "description": "Instructions to bootstrap this cluster", + "properties": { + "initdb": { + "description": "Bootstrap the cluster via initdb", + "properties": { + "dataChecksums": { + "description": "Whether the `-k` option should be passed to initdb, enabling checksums on data pages (default: `false`)", + "type": "boolean" + }, + "database": { + "description": "Name of the database used by the application. Default: `app`.", + "type": "string" + }, + "encoding": { + "description": "The value to be passed as option `--encoding` for initdb (default:`UTF8`)", + "type": "string" + }, + "import": { + "description": "Bootstraps the new cluster by importing data from an existing PostgreSQL instance using logical backup (`pg_dump` and `pg_restore`)", + "properties": { + "databases": { + "description": "The databases to import", + "items": { + "type": "string" + }, + "type": "array" + }, + "postImportApplicationSQL": { + "description": "List of SQL queries to be executed as a superuser in the application database right after is imported - to be used with extreme care (by default empty). Only available in microservice type.", + "items": { + "type": "string" + }, + "type": "array" + }, + "roles": { + "description": "The roles to import", + "items": { + "type": "string" + }, + "type": "array" + }, + "schemaOnly": { + "description": "When set to true, only the `pre-data` and `post-data` sections of `pg_restore` are invoked, avoiding data import. Default: `false`.", + "type": "boolean" + }, + "source": { + "description": "The source of the import", + "properties": { + "externalCluster": { + "description": "The name of the externalCluster used for import", + "type": "string" + } + }, + "required": [ + "externalCluster" + ], + "type": "object" + }, + "type": { + "description": "The import type. Can be `microservice` or `monolith`.", + "enum": [ + "microservice", + "monolith" + ], + "type": "string" + } + }, + "required": [ + "databases", + "source", + "type" + ], + "type": "object" + }, + "localeCType": { + "description": "The value to be passed as option `--lc-ctype` for initdb (default:`C`)", + "type": "string" + }, + "localeCollate": { + "description": "The value to be passed as option `--lc-collate` for initdb (default:`C`)", + "type": "string" + }, + "options": { + "description": "The list of options that must be passed to initdb when creating the cluster. Deprecated: This could lead to inconsistent configurations, please use the explicit provided parameters instead. If defined, explicit values will be ignored.", + "items": { + "type": "string" + }, + "type": "array" + }, + "owner": { + "description": "Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key.", + "type": "string" + }, + "postInitApplicationSQL": { + "description": "List of SQL queries to be executed as a superuser in the application database right after is created - to be used with extreme care (by default empty)", + "items": { + "type": "string" + }, + "type": "array" + }, + "postInitApplicationSQLRefs": { + "description": "PostInitApplicationSQLRefs points references to ConfigMaps or Secrets which contain SQL files, the general implementation order to these references is from all Secrets to all ConfigMaps, and inside Secrets or ConfigMaps, the implementation order is same as the order of each array (by default empty)", + "properties": { + "configMapRefs": { + "description": "ConfigMapRefs holds a list of references to ConfigMaps", + "items": { + "description": "ConfigMapKeySelector contains enough information to let you locate the key of a ConfigMap", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "secretRefs": { + "description": "SecretRefs holds a list of references to Secrets", + "items": { + "description": "SecretKeySelector contains enough information to let you locate the key of a Secret", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "postInitSQL": { + "description": "List of SQL queries to be executed as a superuser immediately after the cluster has been created - to be used with extreme care (by default empty)", + "items": { + "type": "string" + }, + "type": "array" + }, + "postInitTemplateSQL": { + "description": "List of SQL queries to be executed as a superuser in the `template1` after the cluster has been created - to be used with extreme care (by default empty)", + "items": { + "type": "string" + }, + "type": "array" + }, + "secret": { + "description": "Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch", + "properties": { + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "walSegmentSize": { + "description": "The value in megabytes (1 to 1024) to be passed to the `--wal-segsize` option for initdb (default: empty, resulting in PostgreSQL default: 16MB)", + "maximum": 1024, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "pg_basebackup": { + "description": "Bootstrap the cluster taking a physical backup of another compatible PostgreSQL instance", + "properties": { + "database": { + "description": "Name of the database used by the application. Default: `app`.", + "type": "string" + }, + "owner": { + "description": "Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key.", + "type": "string" + }, + "secret": { + "description": "Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch", + "properties": { + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "source": { + "description": "The name of the server of which we need to take a physical backup", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "source" + ], + "type": "object" + }, + "recovery": { + "description": "Bootstrap the cluster from a backup", + "properties": { + "backup": { + "description": "The backup object containing the physical base backup from which to initiate the recovery procedure. Mutually exclusive with `source` and `volumeSnapshots`.", + "properties": { + "endpointCA": { + "description": "EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive.", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "database": { + "description": "Name of the database used by the application. Default: `app`.", + "type": "string" + }, + "owner": { + "description": "Name of the owner of the database in the instance to be used by applications. Defaults to the value of the `database` key.", + "type": "string" + }, + "recoveryTarget": { + "description": "By default, the recovery process applies all the available WAL files in the archive (full recovery). However, you can also end the recovery as soon as a consistent state is reached or recover to a point-in-time (PITR) by specifying a `RecoveryTarget` object, as expected by PostgreSQL (i.e., timestamp, transaction Id, LSN, ...). More info: https://www.postgresql.org/docs/current/runtime-config-wal.html#RUNTIME-CONFIG-WAL-RECOVERY-TARGET", + "properties": { + "backupID": { + "description": "The ID of the backup from which to start the recovery process. If empty (default) the operator will automatically detect the backup based on targetTime or targetLSN if specified. Otherwise use the latest available backup in chronological order.", + "type": "string" + }, + "exclusive": { + "description": "Set the target to be exclusive. If omitted, defaults to false, so that in Postgres, `recovery_target_inclusive` will be true", + "type": "boolean" + }, + "targetImmediate": { + "description": "End recovery as soon as a consistent state is reached", + "type": "boolean" + }, + "targetLSN": { + "description": "The target LSN (Log Sequence Number)", + "type": "string" + }, + "targetName": { + "description": "The target name (to be previously created with `pg_create_restore_point`)", + "type": "string" + }, + "targetTLI": { + "description": "The target timeline (\"latest\" or a positive integer)", + "type": "string" + }, + "targetTime": { + "description": "The target time as a timestamp in the RFC3339 standard", + "type": "string" + }, + "targetXID": { + "description": "The target transaction ID", + "type": "string" + } + }, + "type": "object" + }, + "secret": { + "description": "Name of the secret containing the initial credentials for the owner of the user database. If empty a new secret will be created from scratch", + "properties": { + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "source": { + "description": "The external cluster whose backup we will restore. This is also used as the name of the folder under which the backup is stored, so it must be set to the name of the source cluster Mutually exclusive with `backup`.", + "type": "string" + }, + "volumeSnapshots": { + "description": "The static PVC data source(s) from which to initiate the recovery procedure. Currently supporting `VolumeSnapshot` and `PersistentVolumeClaim` resources that map an existing PVC group, compatible with CloudNativePG, and taken with a cold backup copy on a fenced Postgres instance (limitation which will be removed in the future when online backup will be implemented). Mutually exclusive with `backup`.", + "properties": { + "storage": { + "description": "Configuration of the storage of the instances", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "tablespaceStorage": { + "additionalProperties": { + "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "description": "Configuration of the storage for PostgreSQL tablespaces", + "type": "object" + }, + "walStorage": { + "description": "Configuration of the storage for PostgreSQL WAL (Write-Ahead Log)", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "storage" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "certificates": { + "description": "The configuration for the CA and related certificates", + "properties": { + "clientCASecret": { + "description": "The secret containing the Client CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate all the client certificates.

Contains:

- `ca.crt`: CA that should be used to validate the client certificates, used as `ssl_ca_file` of all the instances.
- `ca.key`: key used to generate client certificates, if ReplicationTLSSecret is provided, this can be omitted.
", + "type": "string" + }, + "replicationTLSSecret": { + "description": "The secret of type kubernetes.io/tls containing the client certificate to authenticate as the `streaming_replica` user. If not defined, ClientCASecret must provide also `ca.key`, and a new secret will be created using the provided CA.", + "type": "string" + }, + "serverAltDNSNames": { + "description": "The list of the server alternative DNS names to be added to the generated server TLS certificates, when required.", + "items": { + "type": "string" + }, + "type": "array" + }, + "serverCASecret": { + "description": "The secret containing the Server CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate the TLS certificate ServerTLSSecret.

Contains:

- `ca.crt`: CA that should be used to validate the server certificate, used as `sslrootcert` in client connection strings.
- `ca.key`: key used to generate Server SSL certs, if ServerTLSSecret is provided, this can be omitted.
", + "type": "string" + }, + "serverTLSSecret": { + "description": "The secret of type kubernetes.io/tls containing the server TLS certificate and key that will be set as `ssl_cert_file` and `ssl_key_file` so that clients can connect to postgres securely. If not defined, ServerCASecret must provide also `ca.key` and a new secret will be created using the provided CA.", + "type": "string" + } + }, + "type": "object" + }, + "description": { + "description": "Description of this PostgreSQL cluster", + "type": "string" + }, + "enableSuperuserAccess": { + "default": false, + "description": "When this option is enabled, the operator will use the `SuperuserSecret` to update the `postgres` user password (if the secret is not present, the operator will automatically create one). When this option is disabled, the operator will ignore the `SuperuserSecret` content, delete it when automatically created, and then blank the password of the `postgres` user by setting it to `NULL`. Disabled by default.", + "type": "boolean" + }, + "env": { + "description": "Env follows the Env format to pass environment variables to the pods created in the cluster", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "EnvFrom follows the EnvFrom format to pass environment variables sources to the pods to be used by Env", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "ephemeralVolumeSource": { + "description": "EphemeralVolumeSource allows the user to configure the source of ephemeral volumes.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "ephemeralVolumesSizeLimit": { + "description": "EphemeralVolumesSizeLimit allows the user to set the limits for the ephemeral volumes", + "properties": { + "shm": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Shm is the size limit of the shared memory volume", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "temporaryData": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "TemporaryData is the size limit of the temporary data volume", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "externalClusters": { + "description": "The list of external clusters which are used in the configuration", + "items": { + "description": "ExternalCluster represents the connection parameters to an external cluster which is used in the other sections of the configuration", + "properties": { + "barmanObjectStore": { + "description": "The configuration for the barman-cloud tool suite", + "properties": { + "azureCredentials": { + "description": "The credentials to use to upload data to Azure Blob Storage", + "properties": { + "connectionString": { + "description": "The connection string to be used", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "inheritFromAzureAD": { + "description": "Use the Azure AD based authentication without providing explicitly the keys.", + "type": "boolean" + }, + "storageAccount": { + "description": "The storage account where to upload data", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "storageKey": { + "description": "The storage account key to be used in conjunction with the storage account name", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "storageSasToken": { + "description": "A shared-access-signature to be used in conjunction with the storage account name", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "data": { + "description": "The configuration to be used to backup the data files When not defined, base backups files will be stored uncompressed and may be unencrypted in the object store, according to the bucket default policy.", + "properties": { + "compression": { + "description": "Compress a backup file (a tar file per tablespace) while streaming it to the object store. Available options are empty string (no compression, default), `gzip`, `bzip2` or `snappy`.", + "enum": [ + "gzip", + "bzip2", + "snappy" + ], + "type": "string" + }, + "encryption": { + "description": "Whenever to force the encryption of files (if the bucket is not already configured for that). Allowed options are empty string (use the bucket policy, default), `AES256` and `aws:kms`", + "enum": [ + "AES256", + "aws:kms" + ], + "type": "string" + }, + "immediateCheckpoint": { + "description": "Control whether the I/O workload for the backup initial checkpoint will be limited, according to the `checkpoint_completion_target` setting on the PostgreSQL server. If set to true, an immediate checkpoint will be used, meaning PostgreSQL will complete the checkpoint as soon as possible. `false` by default.", + "type": "boolean" + }, + "jobs": { + "description": "The number of parallel jobs to be used to upload the backup, defaults to 2", + "format": "int32", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "destinationPath": { + "description": "The path where to store the backup (i.e. s3://bucket/path/to/folder) this path, with different destination folders, will be used for WALs and for data", + "minLength": 1, + "type": "string" + }, + "endpointCA": { + "description": "EndpointCA store the CA bundle of the barman endpoint. Useful when using self-signed certificates to avoid errors with certificate issuer and barman-cloud-wal-archive", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "endpointURL": { + "description": "Endpoint to be used to upload data to the cloud, overriding the automatic endpoint discovery", + "type": "string" + }, + "googleCredentials": { + "description": "The credentials to use to upload data to Google Cloud Storage", + "properties": { + "applicationCredentials": { + "description": "The secret containing the Google Cloud Storage JSON file with the credentials", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "gkeEnvironment": { + "description": "If set to true, will presume that it's running inside a GKE environment, default to false.", + "type": "boolean" + } + }, + "type": "object" + }, + "historyTags": { + "additionalProperties": { + "type": "string" + }, + "description": "HistoryTags is a list of key value pairs that will be passed to the Barman --history-tags option.", + "type": "object" + }, + "s3Credentials": { + "description": "The credentials to use to upload data to S3", + "properties": { + "accessKeyId": { + "description": "The reference to the access key id", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "inheritFromIAMRole": { + "description": "Use the role based authentication without providing explicitly the keys.", + "type": "boolean" + }, + "region": { + "description": "The reference to the secret containing the region name", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "secretAccessKey": { + "description": "The reference to the secret access key", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "sessionToken": { + "description": "The references to the session key", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "serverName": { + "description": "The server name on S3, the cluster name is used if this parameter is omitted", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Tags is a list of key value pairs that will be passed to the Barman --tags option.", + "type": "object" + }, + "wal": { + "description": "The configuration for the backup of the WAL stream. When not defined, WAL files will be stored uncompressed and may be unencrypted in the object store, according to the bucket default policy.", + "properties": { + "compression": { + "description": "Compress a WAL file before sending it to the object store. Available options are empty string (no compression, default), `gzip`, `bzip2` or `snappy`.", + "enum": [ + "gzip", + "bzip2", + "snappy" + ], + "type": "string" + }, + "encryption": { + "description": "Whenever to force the encryption of files (if the bucket is not already configured for that). Allowed options are empty string (use the bucket policy, default), `AES256` and `aws:kms`", + "enum": [ + "AES256", + "aws:kms" + ], + "type": "string" + }, + "maxParallel": { + "description": "Number of WAL files to be either archived in parallel (when the PostgreSQL instance is archiving to a backup object store) or restored in parallel (when a PostgreSQL standby is fetching WAL files from a recovery object store). If not specified, WAL files will be processed one at a time. It accepts a positive integer as a value - with 1 being the minimum accepted value.", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "destinationPath" + ], + "type": "object" + }, + "connectionParameters": { + "additionalProperties": { + "type": "string" + }, + "description": "The list of connection parameters, such as dbname, host, username, etc", + "type": "object" + }, + "name": { + "description": "The server name, required", + "type": "string" + }, + "password": { + "description": "The reference to the password to be used to connect to the server. If a password is provided, CloudNativePG creates a PostgreSQL passfile at `/controller/external/NAME/pass` (where \"NAME\" is the cluster's name). This passfile is automatically referenced in the connection string when establishing a connection to the remote PostgreSQL server from the current PostgreSQL `Cluster`. This ensures secure and efficient password management for external clusters.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslCert": { + "description": "The reference to an SSL certificate to be used to connect to this instance", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslKey": { + "description": "The reference to an SSL private key to be used to connect to this instance", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslRootCert": { + "description": "The reference to an SSL CA public key to be used to connect to this instance", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "failoverDelay": { + "default": 0, + "description": "The amount of time (in seconds) to wait before triggering a failover after the primary PostgreSQL instance in the cluster was detected to be unhealthy", + "format": "int32", + "type": "integer" + }, + "imageName": { + "description": "Name of the container image, supporting both tags (`:`) and digests for deterministic and repeatable deployments (`:@sha256:`)", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of `Always`, `Never` or `IfNotPresent`. If not defined, it defaults to `IfNotPresent`. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "imagePullSecrets": { + "description": "The list of pull secrets to be used to pull the images", + "items": { + "description": "LocalObjectReference contains enough information to let you locate a local object with a known type inside the same namespace", + "properties": { + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "inheritedMetadata": { + "description": "Metadata that will be inherited by all objects related to the Cluster", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "instances": { + "default": 1, + "description": "Number of instances required in the cluster", + "minimum": 1, + "type": "integer" + }, + "logLevel": { + "default": "info", + "description": "The instances' log level, one of the following values: error, warning, info (default), debug, trace", + "enum": [ + "error", + "warning", + "info", + "debug", + "trace" + ], + "type": "string" + }, + "managed": { + "description": "The configuration that is used by the portions of PostgreSQL that are managed by the instance manager", + "properties": { + "roles": { + "description": "Database roles managed by the `Cluster`", + "items": { + "description": "RoleConfiguration is the representation, in Kubernetes, of a PostgreSQL role with the additional field Ensure specifying whether to ensure the presence or absence of the role in the database \n The defaults of the CREATE ROLE command are applied Reference: https://www.postgresql.org/docs/current/sql-createrole.html", + "properties": { + "bypassrls": { + "description": "Whether a role bypasses every row-level security (RLS) policy. Default is `false`.", + "type": "boolean" + }, + "comment": { + "description": "Description of the role", + "type": "string" + }, + "connectionLimit": { + "default": -1, + "description": "If the role can log in, this specifies how many concurrent connections the role can make. `-1` (the default) means no limit.", + "format": "int64", + "type": "integer" + }, + "createdb": { + "description": "When set to `true`, the role being defined will be allowed to create new databases. Specifying `false` (default) will deny a role the ability to create databases.", + "type": "boolean" + }, + "createrole": { + "description": "Whether the role will be permitted to create, alter, drop, comment on, change the security label for, and grant or revoke membership in other roles. Default is `false`.", + "type": "boolean" + }, + "disablePassword": { + "description": "DisablePassword indicates that a role's password should be set to NULL in Postgres", + "type": "boolean" + }, + "ensure": { + "default": "present", + "description": "Ensure the role is `present` or `absent` - defaults to \"present\"", + "enum": [ + "present", + "absent" + ], + "type": "string" + }, + "inRoles": { + "description": "List of one or more existing roles to which this role will be immediately added as a new member. Default empty.", + "items": { + "type": "string" + }, + "type": "array" + }, + "inherit": { + "default": true, + "description": "Whether a role \"inherits\" the privileges of roles it is a member of. Defaults is `true`.", + "type": "boolean" + }, + "login": { + "description": "Whether the role is allowed to log in. A role having the `login` attribute can be thought of as a user. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default is `false`.", + "type": "boolean" + }, + "name": { + "description": "Name of the role", + "type": "string" + }, + "passwordSecret": { + "description": "Secret containing the password of the role (if present) If null, the password will be ignored unless DisablePassword is set", + "properties": { + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "replication": { + "description": "Whether a role is a replication role. A role must have this attribute (or be a superuser) in order to be able to connect to the server in replication mode (physical or logical replication) and in order to be able to create or drop replication slots. A role having the `replication` attribute is a very highly privileged role, and should only be used on roles actually used for replication. Default is `false`.", + "type": "boolean" + }, + "superuser": { + "description": "Whether the role is a `superuser` who can override all access restrictions within the database - superuser status is dangerous and should be used only when really needed. You must yourself be a superuser to create a new superuser. Defaults is `false`.", + "type": "boolean" + }, + "validUntil": { + "description": "Date and time after which the role's password is no longer valid. When omitted, the password will never expire (default).", + "format": "date-time", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "maxSyncReplicas": { + "default": 0, + "description": "The target value for the synchronous replication quorum, that can be decreased if the number of ready standbys is lower than this. Undefined or 0 disable synchronous replication.", + "minimum": 0, + "type": "integer" + }, + "minSyncReplicas": { + "default": 0, + "description": "Minimum number of instances required in synchronous replication with the primary. Undefined or 0 allow writes to complete when no standby is available.", + "minimum": 0, + "type": "integer" + }, + "monitoring": { + "description": "The configuration of the monitoring infrastructure of this cluster", + "properties": { + "customQueriesConfigMap": { + "description": "The list of config maps containing the custom queries", + "items": { + "description": "ConfigMapKeySelector contains enough information to let you locate the key of a ConfigMap", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "customQueriesSecret": { + "description": "The list of secrets containing the custom queries", + "items": { + "description": "SecretKeySelector contains enough information to let you locate the key of a Secret", + "properties": { + "key": { + "description": "The key to select", + "type": "string" + }, + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "key", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "disableDefaultQueries": { + "default": false, + "description": "Whether the default queries should be injected. Set it to `true` if you don't want to inject default queries into the cluster. Default: false.", + "type": "boolean" + }, + "enablePodMonitor": { + "default": false, + "description": "Enable or disable the `PodMonitor`", + "type": "boolean" + }, + "podMonitorMetricRelabelings": { + "description": "The list of metric relabelings for the `PodMonitor`. Applied to samples before ingestion.", + "items": { + "description": "RelabelConfig allows dynamic rewriting of the label set for targets, alerts, scraped samples and remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config", + "properties": { + "action": { + "default": "replace", + "description": "Action to perform based on the regex matching. \n `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. \n Default: \"Replace\"", + "enum": [ + "replace", + "Replace", + "keep", + "Keep", + "drop", + "Drop", + "hashmod", + "HashMod", + "labelmap", + "LabelMap", + "labeldrop", + "LabelDrop", + "labelkeep", + "LabelKeep", + "lowercase", + "Lowercase", + "uppercase", + "Uppercase", + "keepequal", + "KeepEqual", + "dropequal", + "DropEqual" + ], + "type": "string" + }, + "modulus": { + "description": "Modulus to take of the hash of the source label values. \n Only applicable when the action is `HashMod`.", + "format": "int64", + "type": "integer" + }, + "regex": { + "description": "Regular expression against which the extracted value is matched.", + "type": "string" + }, + "replacement": { + "description": "Replacement value against which a Replace action is performed if the regular expression matches. \n Regex capture groups are available.", + "type": "string" + }, + "separator": { + "description": "Separator is the string between concatenated SourceLabels.", + "type": "string" + }, + "sourceLabels": { + "description": "The source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression.", + "items": { + "description": "LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.", + "pattern": "^[a-zA-Z_][a-zA-Z0-9_]*$", + "type": "string" + }, + "type": "array" + }, + "targetLabel": { + "description": "Label to which the resulting string is written in a replacement. \n It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. \n Regex capture groups are available.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "podMonitorRelabelings": { + "description": "The list of relabelings for the `PodMonitor`. Applied to samples before scraping.", + "items": { + "description": "RelabelConfig allows dynamic rewriting of the label set for targets, alerts, scraped samples and remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config", + "properties": { + "action": { + "default": "replace", + "description": "Action to perform based on the regex matching. \n `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. \n Default: \"Replace\"", + "enum": [ + "replace", + "Replace", + "keep", + "Keep", + "drop", + "Drop", + "hashmod", + "HashMod", + "labelmap", + "LabelMap", + "labeldrop", + "LabelDrop", + "labelkeep", + "LabelKeep", + "lowercase", + "Lowercase", + "uppercase", + "Uppercase", + "keepequal", + "KeepEqual", + "dropequal", + "DropEqual" + ], + "type": "string" + }, + "modulus": { + "description": "Modulus to take of the hash of the source label values. \n Only applicable when the action is `HashMod`.", + "format": "int64", + "type": "integer" + }, + "regex": { + "description": "Regular expression against which the extracted value is matched.", + "type": "string" + }, + "replacement": { + "description": "Replacement value against which a Replace action is performed if the regular expression matches. \n Regex capture groups are available.", + "type": "string" + }, + "separator": { + "description": "Separator is the string between concatenated SourceLabels.", + "type": "string" + }, + "sourceLabels": { + "description": "The source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression.", + "items": { + "description": "LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.", + "pattern": "^[a-zA-Z_][a-zA-Z0-9_]*$", + "type": "string" + }, + "type": "array" + }, + "targetLabel": { + "description": "Label to which the resulting string is written in a replacement. \n It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. \n Regex capture groups are available.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "nodeMaintenanceWindow": { + "description": "Define a maintenance window for the Kubernetes nodes", + "properties": { + "inProgress": { + "default": false, + "description": "Is there a node maintenance activity in progress?", + "type": "boolean" + }, + "reusePVC": { + "default": true, + "description": "Reuse the existing PVC (wait for the node to come up again) or not (recreate it elsewhere - when `instances` >1)", + "type": "boolean" + } + }, + "type": "object" + }, + "postgresGID": { + "default": 26, + "description": "The GID of the `postgres` user inside the image, defaults to `26`", + "format": "int64", + "type": "integer" + }, + "postgresUID": { + "default": 26, + "description": "The UID of the `postgres` user inside the image, defaults to `26`", + "format": "int64", + "type": "integer" + }, + "postgresql": { + "description": "Configuration of the PostgreSQL server", + "properties": { + "enableAlterSystem": { + "description": "If this parameter is true, the user will be able to invoke `ALTER SYSTEM` on this CloudNativePG Cluster. This should only be used for debugging and troubleshooting. Defaults to false.", + "type": "boolean" + }, + "ldap": { + "description": "Options to specify LDAP configuration", + "properties": { + "bindAsAuth": { + "description": "Bind as authentication configuration", + "properties": { + "prefix": { + "description": "Prefix for the bind authentication option", + "type": "string" + }, + "suffix": { + "description": "Suffix for the bind authentication option", + "type": "string" + } + }, + "type": "object" + }, + "bindSearchAuth": { + "description": "Bind+Search authentication configuration", + "properties": { + "baseDN": { + "description": "Root DN to begin the user search", + "type": "string" + }, + "bindDN": { + "description": "DN of the user to bind to the directory", + "type": "string" + }, + "bindPassword": { + "description": "Secret with the password for the user to bind to the directory", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "searchAttribute": { + "description": "Attribute to match against the username", + "type": "string" + }, + "searchFilter": { + "description": "Search filter to use when doing the search+bind authentication", + "type": "string" + } + }, + "type": "object" + }, + "port": { + "description": "LDAP server port", + "type": "integer" + }, + "scheme": { + "description": "LDAP schema to be used, possible options are `ldap` and `ldaps`", + "enum": [ + "ldap", + "ldaps" + ], + "type": "string" + }, + "server": { + "description": "LDAP hostname or IP address", + "type": "string" + }, + "tls": { + "description": "Set to 'true' to enable LDAP over TLS. 'false' is default", + "type": "boolean" + } + }, + "type": "object" + }, + "parameters": { + "additionalProperties": { + "type": "string" + }, + "description": "PostgreSQL configuration options (postgresql.conf)", + "type": "object" + }, + "pg_hba": { + "description": "PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file)", + "items": { + "type": "string" + }, + "type": "array" + }, + "pg_ident": { + "description": "PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file)", + "items": { + "type": "string" + }, + "type": "array" + }, + "promotionTimeout": { + "description": "Specifies the maximum number of seconds to wait when promoting an instance to primary. Default value is 40000000, greater than one year in seconds, big enough to simulate an infinite timeout", + "format": "int32", + "type": "integer" + }, + "shared_preload_libraries": { + "description": "Lists of shared preload libraries to add to the default ones", + "items": { + "type": "string" + }, + "type": "array" + }, + "syncReplicaElectionConstraint": { + "description": "Requirements to be met by sync replicas. This will affect how the \"synchronous_standby_names\" parameter will be set up.", + "properties": { + "enabled": { + "description": "This flag enables the constraints for sync replicas", + "type": "boolean" + }, + "nodeLabelsAntiAffinity": { + "description": "A list of node labels values to extract and compare to evaluate if the pods reside in the same topology or not", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "enabled" + ], + "type": "object" + } + }, + "type": "object" + }, + "primaryUpdateMethod": { + "default": "restart", + "description": "Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be with a switchover (`switchover`) or in-place (`restart` - default)", + "enum": [ + "switchover", + "restart" + ], + "type": "string" + }, + "primaryUpdateStrategy": { + "default": "unsupervised", + "description": "Deployment strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (`unsupervised` - default) or manual (`supervised`)", + "enum": [ + "unsupervised", + "supervised" + ], + "type": "string" + }, + "priorityClassName": { + "description": "Name of the priority class which will be used in every generated Pod, if the PriorityClass specified does not exist, the pod will not be able to schedule. Please refer to https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass for more information", + "type": "string" + }, + "projectedVolumeTemplate": { + "description": "Template to be used to define projected volumes, projected volumes will be mounted under `/projected` base folder", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "replica": { + "description": "Replica cluster configuration", + "properties": { + "enabled": { + "description": "If replica mode is enabled, this cluster will be a replica of an existing cluster. Replica cluster can be created from a recovery object store or via streaming through pg_basebackup. Refer to the Replica clusters page of the documentation for more information.", + "type": "boolean" + }, + "source": { + "description": "The name of the external cluster which is the replication origin", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "enabled", + "source" + ], + "type": "object" + }, + "replicationSlots": { + "default": { + "highAvailability": { + "enabled": true + } + }, + "description": "Replication slots management configuration", + "properties": { + "highAvailability": { + "default": { + "enabled": true + }, + "description": "Replication slots for high availability configuration", + "properties": { + "enabled": { + "default": true, + "description": "If enabled (default), the operator will automatically manage replication slots on the primary instance and use them in streaming replication connections with all the standby instances that are part of the HA cluster. If disabled, the operator will not take advantage of replication slots in streaming connections with the replicas. This feature also controls replication slots in replica cluster, from the designated primary to its cascading replicas.", + "type": "boolean" + }, + "slotPrefix": { + "default": "_cnpg_", + "description": "Prefix for replication slots managed by the operator for HA. It may only contain lower case letters, numbers, and the underscore character. This can only be set at creation time. By default set to `_cnpg_`.", + "pattern": "^[0-9a-z_]*$", + "type": "string" + } + }, + "type": "object" + }, + "updateInterval": { + "default": 30, + "description": "Standby will update the status of the local replication slots every `updateInterval` seconds (default 30).", + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "schedulerName": { + "description": "If specified, the pod will be dispatched by specified Kubernetes scheduler. If not specified, the pod will be dispatched by the default scheduler. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/", + "type": "string" + }, + "seccompProfile": { + "description": "The SeccompProfile applied to every Pod and Container. Defaults to: `RuntimeDefault`", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "serviceAccountTemplate": { + "description": "Configure the generation of the service account", + "properties": { + "metadata": { + "description": "Metadata are the metadata to be used for the generated service account", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations", + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels", + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "metadata" + ], + "type": "object" + }, + "smartShutdownTimeout": { + "default": 180, + "description": "The time in seconds that controls the window of time reserved for the smart shutdown of Postgres to complete. Make sure you reserve enough time for the operator to request a fast shutdown of Postgres (that is: `stopDelay` - `smartShutdownTimeout`).", + "format": "int32", + "type": "integer" + }, + "startDelay": { + "default": 3600, + "description": "The time in seconds that is allowed for a PostgreSQL instance to successfully start up (default 3600). The startup probe failure threshold is derived from this value using the formula: ceiling(startDelay / 10).", + "format": "int32", + "type": "integer" + }, + "stopDelay": { + "default": 1800, + "description": "The time in seconds that is allowed for a PostgreSQL instance to gracefully shutdown (default 1800)", + "format": "int32", + "type": "integer" + }, + "storage": { + "description": "Configuration of the storage of the instances", + "properties": { + "pvcTemplate": { + "description": "Template to be used to generate the Persistent Volume Claim", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "resizeInUseVolumes": { + "default": true, + "description": "Resize existent PVCs, defaults to true", + "type": "boolean" + }, + "size": { + "description": "Size of the storage. Required if not already specified in the PVC template. Changes to this field are automatically reapplied to the created PVCs. Size cannot be decreased.", + "type": "string" + }, + "storageClass": { + "description": "StorageClass to use for PVCs. Applied after evaluating the PVC template, if available. If not specified, the generated PVCs will use the default storage class", + "type": "string" + } + }, + "type": "object" + }, + "superuserSecret": { + "description": "The secret containing the superuser password. If not defined a new secret will be created with a randomly generated password", + "properties": { + "name": { + "description": "Name of the referent.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "switchoverDelay": { + "default": 3600, + "description": "The time in seconds that is allowed for a primary PostgreSQL instance to gracefully shutdown during a switchover. Default value is 3600 seconds (1 hour).", + "format": "int32", + "type": "integer" + }, + "tablespaces": { + "description": "The tablespaces configuration", + "items": { + "description": "TablespaceConfiguration is the configuration of a tablespace, and includes the storage specification for the tablespace", + "properties": { + "name": { + "description": "The name of the tablespace", + "type": "string" + }, + "owner": { + "description": "Owner is the PostgreSQL user owning the tablespace", + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "storage": { + "description": "The storage configuration for the tablespace", + "properties": { + "pvcTemplate": { + "description": "Template to be used to generate the Persistent Volume Claim", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "resizeInUseVolumes": { + "default": true, + "description": "Resize existent PVCs, defaults to true", + "type": "boolean" + }, + "size": { + "description": "Size of the storage. Required if not already specified in the PVC template. Changes to this field are automatically reapplied to the created PVCs. Size cannot be decreased.", + "type": "string" + }, + "storageClass": { + "description": "StorageClass to use for PVCs. Applied after evaluating the PVC template, if available. If not specified, the generated PVCs will use the default storage class", + "type": "string" + } + }, + "type": "object" + }, + "temporary": { + "default": false, + "description": "When set to true, the tablespace will be added as a `temp_tablespaces` entry in PostgreSQL, and will be available to automatically house temp database objects, or other temporary files. Please refer to PostgreSQL documentation for more information on the `temp_tablespaces` GUC.", + "type": "boolean" + } + }, + "required": [ + "name", + "storage" + ], + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "description": "TopologySpreadConstraints specifies how to spread matching pods among the given topology. More info: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/", + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "minDomains": { + "description": "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + "format": "int32", + "type": "integer" + }, + "nodeAffinityPolicy": { + "description": "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "nodeTaintsPolicy": { + "description": "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + }, + "walStorage": { + "description": "Configuration of the storage for PostgreSQL WAL (Write-Ahead Log)", + "properties": { + "pvcTemplate": { + "description": "Template to be used to generate the Persistent Volume Claim", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "resizeInUseVolumes": { + "default": true, + "description": "Resize existent PVCs, defaults to true", + "type": "boolean" + }, + "size": { + "description": "Size of the storage. Required if not already specified in the PVC template. Changes to this field are automatically reapplied to the created PVCs. Size cannot be decreased.", + "type": "string" + }, + "storageClass": { + "description": "StorageClass to use for PVCs. Applied after evaluating the PVC template, if available. If not specified, the generated PVCs will use the default storage class", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "instances" + ], + "type": "object" + }, + "status": { + "description": "Most recently observed status of the cluster. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "azurePVCUpdateEnabled": { + "description": "AzurePVCUpdateEnabled shows if the PVC online upgrade is enabled for this cluster", + "type": "boolean" + }, + "certificates": { + "description": "The configuration for the CA and related certificates, initialized with defaults.", + "properties": { + "clientCASecret": { + "description": "The secret containing the Client CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate all the client certificates.

Contains:

- `ca.crt`: CA that should be used to validate the client certificates, used as `ssl_ca_file` of all the instances.
- `ca.key`: key used to generate client certificates, if ReplicationTLSSecret is provided, this can be omitted.
", + "type": "string" + }, + "expirations": { + "additionalProperties": { + "type": "string" + }, + "description": "Expiration dates for all certificates.", + "type": "object" + }, + "replicationTLSSecret": { + "description": "The secret of type kubernetes.io/tls containing the client certificate to authenticate as the `streaming_replica` user. If not defined, ClientCASecret must provide also `ca.key`, and a new secret will be created using the provided CA.", + "type": "string" + }, + "serverAltDNSNames": { + "description": "The list of the server alternative DNS names to be added to the generated server TLS certificates, when required.", + "items": { + "type": "string" + }, + "type": "array" + }, + "serverCASecret": { + "description": "The secret containing the Server CA certificate. If not defined, a new secret will be created with a self-signed CA and will be used to generate the TLS certificate ServerTLSSecret.

Contains:

- `ca.crt`: CA that should be used to validate the server certificate, used as `sslrootcert` in client connection strings.
- `ca.key`: key used to generate Server SSL certs, if ServerTLSSecret is provided, this can be omitted.
", + "type": "string" + }, + "serverTLSSecret": { + "description": "The secret of type kubernetes.io/tls containing the server TLS certificate and key that will be set as `ssl_cert_file` and `ssl_key_file` so that clients can connect to postgres securely. If not defined, ServerCASecret must provide also `ca.key` and a new secret will be created using the provided CA.", + "type": "string" + } + }, + "type": "object" + }, + "cloudNativePGCommitHash": { + "description": "The commit hash number of which this operator running", + "type": "string" + }, + "cloudNativePGOperatorHash": { + "description": "The hash of the binary of the operator", + "type": "string" + }, + "conditions": { + "description": "Conditions for cluster object", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition. This may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "configMapResourceVersion": { + "description": "The list of resource versions of the configmaps, managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the configmap data", + "properties": { + "metrics": { + "additionalProperties": { + "type": "string" + }, + "description": "A map with the versions of all the config maps used to pass metrics. Map keys are the config map names, map values are the versions", + "type": "object" + } + }, + "type": "object" + }, + "currentPrimary": { + "description": "Current primary instance", + "type": "string" + }, + "currentPrimaryFailingSinceTimestamp": { + "description": "The timestamp when the primary was detected to be unhealthy This field is reported when `.spec.failoverDelay` is populated or during online upgrades", + "type": "string" + }, + "currentPrimaryTimestamp": { + "description": "The timestamp when the last actual promotion to primary has occurred", + "type": "string" + }, + "danglingPVC": { + "description": "List of all the PVCs created by this cluster and still available which are not attached to a Pod", + "items": { + "type": "string" + }, + "type": "array" + }, + "firstRecoverabilityPoint": { + "description": "The first recoverability point, stored as a date in RFC3339 format. This field is calculated from the content of FirstRecoverabilityPointByMethod", + "type": "string" + }, + "firstRecoverabilityPointByMethod": { + "additionalProperties": { + "format": "date-time", + "type": "string" + }, + "description": "The first recoverability point, stored as a date in RFC3339 format, per backup method type", + "type": "object" + }, + "healthyPVC": { + "description": "List of all the PVCs not dangling nor initializing", + "items": { + "type": "string" + }, + "type": "array" + }, + "initializingPVC": { + "description": "List of all the PVCs that are being initialized by this cluster", + "items": { + "type": "string" + }, + "type": "array" + }, + "instanceNames": { + "description": "List of instance names in the cluster", + "items": { + "type": "string" + }, + "type": "array" + }, + "instances": { + "description": "The total number of PVC Groups detected in the cluster. It may differ from the number of existing instance pods.", + "type": "integer" + }, + "instancesReportedState": { + "additionalProperties": { + "description": "InstanceReportedState describes the last reported state of an instance during a reconciliation loop", + "properties": { + "isPrimary": { + "description": "indicates if an instance is the primary one", + "type": "boolean" + }, + "timeLineID": { + "description": "indicates on which TimelineId the instance is", + "type": "integer" + } + }, + "required": [ + "isPrimary" + ], + "type": "object" + }, + "description": "The reported state of the instances during the last reconciliation loop", + "type": "object" + }, + "instancesStatus": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "InstancesStatus indicates in which status the instances are", + "type": "object" + }, + "jobCount": { + "description": "How many Jobs have been created by this cluster", + "format": "int32", + "type": "integer" + }, + "lastFailedBackup": { + "description": "Stored as a date in RFC3339 format", + "type": "string" + }, + "lastSuccessfulBackup": { + "description": "Last successful backup, stored as a date in RFC3339 format This field is calculated from the content of LastSuccessfulBackupByMethod", + "type": "string" + }, + "lastSuccessfulBackupByMethod": { + "additionalProperties": { + "format": "date-time", + "type": "string" + }, + "description": "Last successful backup, stored as a date in RFC3339 format, per backup method type", + "type": "object" + }, + "latestGeneratedNode": { + "description": "ID of the latest generated node (used to avoid node name clashing)", + "type": "integer" + }, + "managedRolesStatus": { + "description": "ManagedRolesStatus reports the state of the managed roles in the cluster", + "properties": { + "byStatus": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "ByStatus gives the list of roles in each state", + "type": "object" + }, + "cannotReconcile": { + "additionalProperties": { + "items": { + "type": "string" + }, + "type": "array" + }, + "description": "CannotReconcile lists roles that cannot be reconciled in PostgreSQL, with an explanation of the cause", + "type": "object" + }, + "passwordStatus": { + "additionalProperties": { + "description": "PasswordState represents the state of the password of a managed RoleConfiguration", + "properties": { + "resourceVersion": { + "description": "the resource version of the password secret", + "type": "string" + }, + "transactionID": { + "description": "the last transaction ID to affect the role definition in PostgreSQL", + "format": "int64", + "type": "integer" + } + }, + "type": "object" + }, + "description": "PasswordStatus gives the last transaction id and password secret version for each managed role", + "type": "object" + } + }, + "type": "object" + }, + "onlineUpdateEnabled": { + "description": "OnlineUpdateEnabled shows if the online upgrade is enabled inside the cluster", + "type": "boolean" + }, + "phase": { + "description": "Current phase of the cluster", + "type": "string" + }, + "phaseReason": { + "description": "Reason for the current phase", + "type": "string" + }, + "poolerIntegrations": { + "description": "The integration needed by poolers referencing the cluster", + "properties": { + "pgBouncerIntegration": { + "description": "PgBouncerIntegrationStatus encapsulates the needed integration for the pgbouncer poolers referencing the cluster", + "properties": { + "secrets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "pvcCount": { + "description": "How many PVCs have been created by this cluster", + "format": "int32", + "type": "integer" + }, + "readService": { + "description": "Current list of read pods", + "type": "string" + }, + "readyInstances": { + "description": "The total number of ready instances in the cluster. It is equal to the number of ready instance pods.", + "type": "integer" + }, + "resizingPVC": { + "description": "List of all the PVCs that have ResizingPVC condition.", + "items": { + "type": "string" + }, + "type": "array" + }, + "secretsResourceVersion": { + "description": "The list of resource versions of the secrets managed by the operator. Every change here is done in the interest of the instance manager, which will refresh the secret data", + "properties": { + "applicationSecretVersion": { + "description": "The resource version of the \"app\" user secret", + "type": "string" + }, + "barmanEndpointCA": { + "description": "The resource version of the Barman Endpoint CA if provided", + "type": "string" + }, + "caSecretVersion": { + "description": "Unused. Retained for compatibility with old versions.", + "type": "string" + }, + "clientCaSecretVersion": { + "description": "The resource version of the PostgreSQL client-side CA secret version", + "type": "string" + }, + "externalClusterSecretVersion": { + "additionalProperties": { + "type": "string" + }, + "description": "The resource versions of the external cluster secrets", + "type": "object" + }, + "managedRoleSecretVersion": { + "additionalProperties": { + "type": "string" + }, + "description": "The resource versions of the managed roles secrets", + "type": "object" + }, + "metrics": { + "additionalProperties": { + "type": "string" + }, + "description": "A map with the versions of all the secrets used to pass metrics. Map keys are the secret names, map values are the versions", + "type": "object" + }, + "replicationSecretVersion": { + "description": "The resource version of the \"streaming_replica\" user secret", + "type": "string" + }, + "serverCaSecretVersion": { + "description": "The resource version of the PostgreSQL server-side CA secret version", + "type": "string" + }, + "serverSecretVersion": { + "description": "The resource version of the PostgreSQL server-side secret version", + "type": "string" + }, + "superuserSecretVersion": { + "description": "The resource version of the \"postgres\" user secret", + "type": "string" + } + }, + "type": "object" + }, + "tablespacesStatus": { + "description": "TablespacesStatus reports the state of the declarative tablespaces in the cluster", + "items": { + "description": "TablespaceState represents the state of a tablespace in a cluster", + "properties": { + "error": { + "description": "Error is the reconciliation error, if any", + "type": "string" + }, + "name": { + "description": "Name is the name of the tablespace", + "type": "string" + }, + "owner": { + "description": "Owner is the PostgreSQL user owning the tablespace", + "type": "string" + }, + "state": { + "description": "State is the latest reconciliation state", + "type": "string" + } + }, + "required": [ + "name", + "state" + ], + "type": "object" + }, + "type": "array" + }, + "targetPrimary": { + "description": "Target primary instance, this is different from the previous one during a switchover or a failover", + "type": "string" + }, + "targetPrimaryTimestamp": { + "description": "The timestamp when the last request for a new primary has occurred", + "type": "string" + }, + "timelineID": { + "description": "The timeline of the Postgres cluster", + "type": "integer" + }, + "topology": { + "description": "Instances topology.", + "properties": { + "instances": { + "additionalProperties": { + "additionalProperties": { + "type": "string" + }, + "description": "PodTopologyLabels represent the topology of a Pod. map[labelName]labelValue", + "type": "object" + }, + "description": "Instances contains the pod topology of the instances", + "type": "object" + }, + "nodesUsed": { + "description": "NodesUsed represents the count of distinct nodes accommodating the instances. A value of '1' suggests that all instances are hosted on a single node, implying the absence of High Availability (HA). Ideally, this value should be the same as the number of instances in the Postgres HA cluster, implying shared nothing architecture on the compute side.", + "format": "int32", + "type": "integer" + }, + "successfullyExtracted": { + "description": "SuccessfullyExtracted indicates if the topology data was extract. It is useful to enact fallback behaviors in synchronous replica election in case of failures", + "type": "boolean" + } + }, + "type": "object" + }, + "unusablePVC": { + "description": "List of all the PVCs that are unusable because another PVC is missing", + "items": { + "type": "string" + }, + "type": "array" + }, + "writeService": { + "description": "Current write pod", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "metadata", + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "scale": { + "specReplicasPath": ".spec.instances", + "statusReplicasPath": ".status.instances" + }, + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "Cluster", + "listKind": "ClusterList", + "plural": "clusters", + "singular": "cluster" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-21T04:22:52Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-21T04:22:52Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1" + ] + } + }, + "group": "postgresql.cnpg.io", + "plural": "clusters", + "version": "v1" + }, + "learnrun_time": 277.9900703430176, + "namespace": "cnpg-system", + "preload_images": [ + "ghcr.io/cloudnative-pg/postgresql:16.1", + "ghcr.io/cloudnative-pg/cloudnative-pg:1.22.1" + ], + "static_analysis_time": 3.886222839355469e-05 +} \ No newline at end of file diff --git a/data/cloudnative-pg_cloudnative_pg/postgresql-config.json b/data/cloudnative-pg_cloudnative_pg/postgresql-config.json new file mode 100644 index 0000000000..8342807547 --- /dev/null +++ b/data/cloudnative-pg_cloudnative_pg/postgresql-config.json @@ -0,0 +1,15 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/cnpg/cnpg-1.22.1.yaml", + "namespace": null, + "operator": true + } + } + ] + }, + "crd_name": "clusters.postgresql.cnpg.io", + "seed_custom_resource": "data/cnpg/postgresql-cr.yaml" +} diff --git a/data/cloudnative-pg_cloudnative_pg/postgresql-cr.yaml b/data/cloudnative-pg_cloudnative_pg/postgresql-cr.yaml new file mode 100644 index 0000000000..884fabb00e --- /dev/null +++ b/data/cloudnative-pg_cloudnative_pg/postgresql-cr.yaml @@ -0,0 +1,8 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: test-cluster +spec: + instances: 3 + storage: + size: 1Gi From 17cad9dada26503209a83483f911fe897cb5e490 Mon Sep 17 00:00:00 2001 From: Yug Mittal <33040186+mittal1787@users.noreply.github.com> Date: Sun, 10 Mar 2024 16:47:50 -0500 Subject: [PATCH 30/38] Contribute Porting Config for kedacore/keda-olm-operator to Acto (Lab 1) (#345) * Add operator, config, and cr to Acto * Add context.json --------- Co-authored-by: yugm2 --- data/kedacore_keda-olm-operator/context.json | 530 + data/kedacore_keda-olm-operator/operator.yaml | 12749 ++++++++++++++++ .../scaledObjects-config.json | 13 + .../scaledObjects-cr.yaml | 297 + 4 files changed, 13589 insertions(+) create mode 100644 data/kedacore_keda-olm-operator/context.json create mode 100644 data/kedacore_keda-olm-operator/operator.yaml create mode 100644 data/kedacore_keda-olm-operator/scaledObjects-config.json create mode 100644 data/kedacore_keda-olm-operator/scaledObjects-cr.yaml diff --git a/data/kedacore_keda-olm-operator/context.json b/data/kedacore_keda-olm-operator/context.json new file mode 100644 index 0000000000..09d4b504f0 --- /dev/null +++ b/data/kedacore_keda-olm-operator/context.json @@ -0,0 +1,530 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.13.0" + }, + "creationTimestamp": "2024-02-21T19:57:08Z", + "generation": 1, + "labels": { + "app.kubernetes.io/part-of": "keda-olm-operator", + "app.kubernetes.io/version": "main" + }, + "name": "scaledobjects.keda.sh", + "resourceVersion": "689", + "uid": "1bd86044-4985-4a1f-9100-4a0812a96ef7" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "keda.sh", + "names": { + "kind": "ScaledObject", + "listKind": "ScaledObjectList", + "plural": "scaledobjects", + "shortNames": [ + "so" + ], + "singular": "scaledobject" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "jsonPath": ".status.scaleTargetKind", + "name": "ScaleTargetKind", + "type": "string" + }, + { + "jsonPath": ".spec.scaleTargetRef.name", + "name": "ScaleTargetName", + "type": "string" + }, + { + "jsonPath": ".spec.minReplicaCount", + "name": "Min", + "type": "integer" + }, + { + "jsonPath": ".spec.maxReplicaCount", + "name": "Max", + "type": "integer" + }, + { + "jsonPath": ".spec.triggers[*].type", + "name": "Triggers", + "type": "string" + }, + { + "jsonPath": ".spec.triggers[*].authenticationRef.name", + "name": "Authentication", + "type": "string" + }, + { + "jsonPath": ".status.conditions[?(@.type==\"Ready\")].status", + "name": "Ready", + "type": "string" + }, + { + "jsonPath": ".status.conditions[?(@.type==\"Active\")].status", + "name": "Active", + "type": "string" + }, + { + "jsonPath": ".status.conditions[?(@.type==\"Fallback\")].status", + "name": "Fallback", + "type": "string" + }, + { + "jsonPath": ".status.conditions[?(@.type==\"Paused\")].status", + "name": "Paused", + "type": "string" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v1alpha1", + "schema": { + "openAPIV3Schema": { + "description": "ScaledObject is a specification for a ScaledObject resource", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "ScaledObjectSpec is the spec for a ScaledObject resource", + "properties": { + "advanced": { + "description": "AdvancedConfig specifies advance scaling options", + "properties": { + "horizontalPodAutoscalerConfig": { + "description": "HorizontalPodAutoscalerConfig specifies horizontal scale config", + "properties": { + "behavior": { + "description": "HorizontalPodAutoscalerBehavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively).", + "properties": { + "scaleDown": { + "description": "scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used).", + "properties": { + "policies": { + "description": "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid", + "items": { + "description": "HPAScalingPolicy is a single policy which must hold true for a specified past interval.", + "properties": { + "periodSeconds": { + "description": "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).", + "format": "int32", + "type": "integer" + }, + "type": { + "description": "type is used to specify the scaling policy.", + "type": "string" + }, + "value": { + "description": "value contains the amount of change which is permitted by the policy. It must be greater than zero", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "periodSeconds", + "type", + "value" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "selectPolicy": { + "description": "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used.", + "type": "string" + }, + "stabilizationWindowSeconds": { + "description": "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).", + "format": "int32", + "maximum": 3600, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "scaleUp": { + "description": "scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of: * increase no more than 4 pods per 60 seconds * double the number of pods per 60 seconds No stabilization is used.", + "properties": { + "policies": { + "description": "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid", + "items": { + "description": "HPAScalingPolicy is a single policy which must hold true for a specified past interval.", + "properties": { + "periodSeconds": { + "description": "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).", + "format": "int32", + "type": "integer" + }, + "type": { + "description": "type is used to specify the scaling policy.", + "type": "string" + }, + "value": { + "description": "value contains the amount of change which is permitted by the policy. It must be greater than zero", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "periodSeconds", + "type", + "value" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "selectPolicy": { + "description": "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used.", + "type": "string" + }, + "stabilizationWindowSeconds": { + "description": "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).", + "format": "int32", + "maximum": 3600, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "name": { + "type": "string" + } + }, + "type": "object" + }, + "restoreToOriginalReplicaCount": { + "type": "boolean" + }, + "scalingModifiers": { + "description": "ScalingModifiers describes advanced scaling logic options like formula", + "properties": { + "activationTarget": { + "type": "string" + }, + "formula": { + "type": "string" + }, + "metricType": { + "description": "MetricTargetType specifies the type of metric being targeted, and should be either \"Value\", \"AverageValue\", or \"Utilization\"", + "type": "string" + }, + "target": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "cooldownPeriod": { + "format": "int32", + "type": "integer" + }, + "fallback": { + "description": "Fallback is the spec for fallback options", + "properties": { + "failureThreshold": { + "format": "int32", + "type": "integer" + }, + "replicas": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "failureThreshold", + "replicas" + ], + "type": "object" + }, + "idleReplicaCount": { + "format": "int32", + "type": "integer" + }, + "maxReplicaCount": { + "format": "int32", + "type": "integer" + }, + "minReplicaCount": { + "format": "int32", + "type": "integer" + }, + "pollingInterval": { + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "description": "ScaleTarget holds the reference to the scale target Object", + "properties": { + "apiVersion": { + "type": "string" + }, + "envSourceContainerName": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "triggers": { + "items": { + "description": "ScaleTriggers reference the scaler that will be used", + "properties": { + "authenticationRef": { + "description": "AuthenticationRef points to the TriggerAuthentication or ClusterTriggerAuthentication object that is used to authenticate the scaler with the environment", + "properties": { + "kind": { + "description": "Kind of the resource being referred to. Defaults to TriggerAuthentication.", + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "metadata": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "metricType": { + "description": "MetricTargetType specifies the type of metric being targeted, and should be either \"Value\", \"AverageValue\", or \"Utilization\"", + "type": "string" + }, + "name": { + "type": "string" + }, + "type": { + "type": "string" + }, + "useCachedMetrics": { + "type": "boolean" + } + }, + "required": [ + "metadata", + "type" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "scaleTargetRef", + "triggers" + ], + "type": "object" + }, + "status": { + "description": "ScaledObjectStatus is the status for a ScaledObject resource", + "properties": { + "compositeScalerName": { + "type": "string" + }, + "conditions": { + "description": "Conditions an array representation to store multiple Conditions", + "items": { + "description": "Condition to store the condition state", + "properties": { + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of condition", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "externalMetricNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "health": { + "additionalProperties": { + "description": "HealthStatus is the status for a ScaledObject's health", + "properties": { + "numberOfFailures": { + "format": "int32", + "type": "integer" + }, + "status": { + "description": "HealthStatusType is an indication of whether the health status is happy or failing", + "type": "string" + } + }, + "type": "object" + }, + "type": "object" + }, + "hpaName": { + "type": "string" + }, + "lastActiveTime": { + "format": "date-time", + "type": "string" + }, + "originalReplicaCount": { + "format": "int32", + "type": "integer" + }, + "pausedReplicaCount": { + "format": "int32", + "type": "integer" + }, + "resourceMetricNames": { + "items": { + "type": "string" + }, + "type": "array" + }, + "scaleTargetGVKR": { + "description": "GroupVersionKindResource provides unified structure for schema.GroupVersionKind and Resource", + "properties": { + "group": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "resource": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "required": [ + "group", + "kind", + "resource", + "version" + ], + "type": "object" + }, + "scaleTargetKind": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "ScaledObject", + "listKind": "ScaledObjectList", + "plural": "scaledobjects", + "shortNames": [ + "so" + ], + "singular": "scaledobject" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-21T19:57:16Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-21T19:57:16Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1alpha1" + ] + } + }, + "group": "keda.sh", + "plural": "scaledobjects", + "version": "v1alpha1" + }, + "learnrun_time": 227.8793454170227, + "namespace": "keda", + "preload_images": [ + "ghcr.io/kedacore/keda-olm-operator:main" + ], + "static_analysis_time": 7.152557373046875e-06 +} \ No newline at end of file diff --git a/data/kedacore_keda-olm-operator/operator.yaml b/data/kedacore_keda-olm-operator/operator.yaml new file mode 100644 index 0000000000..4175d9bfc3 --- /dev/null +++ b/data/kedacore_keda-olm-operator/operator.yaml @@ -0,0 +1,12749 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: clustertriggerauthentications.keda.sh +spec: + group: keda.sh + names: + kind: ClusterTriggerAuthentication + listKind: ClusterTriggerAuthenticationList + plural: clustertriggerauthentications + shortNames: + - cta + - clustertriggerauth + singular: clustertriggerauthentication + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.podIdentity.provider + name: PodIdentity + type: string + - jsonPath: .spec.secretTargetRef[*].name + name: Secret + type: string + - jsonPath: .spec.env[*].name + name: Env + type: string + - jsonPath: .spec.hashiCorpVault.address + name: VaultAddress + type: string + - jsonPath: .status.scaledobjects + name: ScaledObjects + priority: 1 + type: string + - jsonPath: .status.scaledjobs + name: ScaledJobs + priority: 1 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterTriggerAuthentication defines how a trigger can authenticate + globally + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TriggerAuthenticationSpec defines the various ways to authenticate + properties: + azureKeyVault: + description: AzureKeyVault is used to authenticate using Azure Key + Vault + properties: + cloud: + properties: + activeDirectoryEndpoint: + type: string + keyVaultResourceURL: + type: string + type: + type: string + required: + - type + type: object + credentials: + properties: + clientId: + type: string + clientSecret: + properties: + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + - name + type: object + required: + - secretKeyRef + type: object + required: + - valueFrom + type: object + tenantId: + type: string + required: + - clientId + - clientSecret + - tenantId + type: object + podIdentity: + description: AuthPodIdentity allows users to select the platform native identity mechanism + properties: + identityId: + type: string + provider: + description: PodIdentityProvider contains the list of providers + type: string + required: + - provider + type: object + secrets: + items: + properties: + name: + type: string + parameter: + type: string + version: + type: string + required: + - name + - parameter + type: object + type: array + vaultUri: + type: string + required: + - secrets + - vaultUri + type: object + env: + items: + description: AuthEnvironment is used to authenticate using environment variables in the destination ScaleTarget spec + properties: + containerName: + type: string + name: + type: string + parameter: + type: string + required: + - name + - parameter + type: object + type: array + hashiCorpVault: + description: HashiCorpVault is used to authenticate using Hashicorp Vault + properties: + address: + type: string + authentication: + description: VaultAuthentication contains the list of Hashicorp Vault authentication methods + type: string + credential: + description: Credential defines the Hashicorp Vault credentials depending on the authentication method + properties: + serviceAccount: + type: string + token: + type: string + type: object + mount: + type: string + namespace: + type: string + role: + type: string + secrets: + items: + description: VaultSecret defines the mapping between the path + of the secret in Vault to the parameter + properties: + key: + type: string + parameter: + type: string + path: + type: string + required: + - key + - parameter + - path + type: object + type: array + required: + - address + - authentication + - secrets + type: object + podIdentity: + description: AuthPodIdentity allows users to select the platform native + identity mechanism + properties: + identityId: + type: string + provider: + description: PodIdentityProvider contains the list of providers + type: string + required: + - provider + type: object + secretTargetRef: + items: + description: AuthSecretTargetRef is used to authenticate using a + reference to a secret + properties: + key: + type: string + name: + type: string + parameter: + type: string + required: + - key + - name + - parameter + type: object + type: array + type: object + status: + description: TriggerAuthenticationStatus defines the observed state of + TriggerAuthentication + properties: + scaledjobs: + type: string + scaledobjects: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: kedacontrollers.keda.sh +spec: + group: keda.sh + names: + kind: KedaController + listKind: KedaControllerList + plural: kedacontrollers + singular: kedacontroller + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KedaController is the Schema for the kedacontrollers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KedaControllerSpec defines the desired state of KedaController + properties: + admissionWebhooks: + properties: + affinity: + description: Affinity for pod scheduling https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + args: + description: 'Any user-defined arguments with possibility to override + any existing or previously defined arguments. Allowed formats + are ''--argument=value'', ''argument=value'' or just ''value''. + Ex.: ''--v=0'' or ''ENV_ARGUMENT''' + items: + type: string + type: array + deploymentAnnotations: + additionalProperties: + type: string + description: Annotations applied to the Deployment https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + deploymentLabels: + additionalProperties: + type: string + description: Labels applied to the Deployment https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + logEncoder: + description: 'Logging format for Admission Webhooks allowed values + are ''json'' and ''console'' default value: console' + type: string + logLevel: + description: 'Logging level for Admission Webhooks allowed values: + ''debug'', ''info'', ''error'', or an integer value greater + than 0, specified as string default value: info' + type: string + logTimeEncoding: + description: 'Logging time encoding for Admission Webhooks allowed + values are ''epoch'', ''millis'', ''nano'', ''iso8601'', ''rfc3339'' + or ''rfc3339nano'' default value: rfc3339' + type: string + nodeSelector: + additionalProperties: + type: string + description: Node selector for pod scheduling https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + type: object + podAnnotations: + additionalProperties: + type: string + description: Annotations applied to the Pod https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + podLabels: + additionalProperties: + type: string + description: Labels applied to the Pod https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + priorityClassName: + description: Pod priority https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + type: string + resources: + description: Manage resource requests & limits https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tolerations: + description: Tolerations for pod scheduling https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + metricsServer: + properties: + affinity: + description: Affinity for pod scheduling https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + args: + description: 'Any user-defined arguments with possibility to override + any existing or previously defined arguments. Allowed formats + are ''--argument=value'', ''argument=value'' or just ''value''. + Ex.: ''--v=0'' or ''ENV_ARGUMENT''' + items: + type: string + type: array + auditConfig: + description: Audit config for auditing log files. If a user wants + to config other audit flags, he can do so manually with Args + field. + properties: + lifetime: + description: AuditLifetime defines size and life-span of audit + files. + properties: + maxAge: + description: The maximum number of days to retain old + audit log files based on the timestamp encoded in their + filename. + type: string + maxBackup: + description: The maximum number of old audit log files + to retain. Setting a value of 0 will mean there's no + restriction. + type: string + maxSize: + description: The maximum size in megabytes of the audit + log file before it gets rotated. + type: string + type: object + logFormat: + description: 'Logging format of saved audits. Known formats + are "legacy" & "json". default value: json' + type: string + logOutputVolumeClaim: + description: All requests coming to api server will be logged + to this persistent volume claim. Leaving this empty means + logging to stdout. (if Policy is not empty) + type: string + policy: + description: 'Policy which describes audit configuration. + (Required for audit logging) ex: https://kubernetes.io/docs/tasks/debug/debug-cluster/audit/#audit-policy' + properties: + omitManagedFields: + description: OmitManagedFields indicates whether to omit + the managed fields of the request and response bodies + from being written to the API audit log. This is used + as a global default - a value of 'true' will omit the + managed fileds, otherwise the managed fields will be + included in the API audit log. Note that this can also + be specified per rule in which case the value specified + in a rule will override the global default. + type: boolean + omitStages: + description: OmitStages is a list of stages for which + no events are created. Note that this can also be specified + per rule in which case the union of both are omitted. + items: + description: Stage defines the stages in request handling + that audit events may be generated. + type: string + type: array + rules: + description: Rules specify the audit Level a request should + be recorded at. A request may match multiple rules, + in which case the FIRST matching rule is used. The default + audit level is None, but can be overridden by a catch-all + rule at the end of the list. PolicyRules are strictly + ordered. + items: + description: PolicyRule maps requests based off metadata + to an audit Level. Requests must match the rules of + every field (an intersection of rules). + properties: + level: + description: The Level that requests matching this + rule are recorded at. + type: string + namespaces: + description: Namespaces that this rule matches. + The empty string "" matches non-namespaced resources. + An empty list implies every namespace. + items: + type: string + type: array + nonResourceURLs: + description: 'NonResourceURLs is a set of URL paths + that should be audited. *s are allowed, but only + as the full, final step in the path. Examples: + "/metrics" - Log requests for apiserver metrics + "/healthz*" - Log all health checks' + items: + type: string + type: array + omitManagedFields: + description: OmitManagedFields indicates whether + to omit the managed fields of the request and + response bodies from being written to the API + audit log. - a value of 'true' will drop the managed + fields from the API audit log - a value of 'false' + indicates that the managed fileds should be included + in the API audit log Note that the value, if specified, + in this rule will override the global default + If a value is not specified then the global default + specified in Policy.OmitManagedFields will stand. + type: boolean + omitStages: + description: OmitStages is a list of stages for + which no events are created. Note that this can + also be specified policy wide in which case the + union of both are omitted. An empty list means + no restrictions will apply. + items: + description: Stage defines the stages in request + handling that audit events may be generated. + type: string + type: array + resources: + description: Resources that this rule matches. An + empty list implies all kinds in all API groups. + items: + description: GroupResources represents resource + kinds in an API group. + properties: + group: + description: Group is the name of the API + group that contains the resources. The empty + string represents the core API group. + type: string + resourceNames: + description: ResourceNames is a list of resource + instance names that the policy matches. + Using this field requires Resources to be + specified. An empty list implies that every + instance of the resource is matched. + items: + type: string + type: array + resources: + description: "Resources is a list of resources + this rule applies to. \n For example: 'pods' + matches pods. 'pods/log' matches the log + subresource of pods. '*' matches all resources + and their subresources. 'pods/*' matches + all subresources of pods. '*/scale' matches + all scale subresources. \n If wildcard is + present, the validation rule will ensure + resources do not overlap with each other. + \n An empty list implies all resources and + subresources in this API groups apply." + items: + type: string + type: array + type: object + type: array + userGroups: + description: The user groups this rule applies to. + A user is considered matching if it is a member + of any of the UserGroups. An empty list implies + every user group. + items: + type: string + type: array + users: + description: The users (by authenticated user name) + this rule applies to. An empty list implies every + user. + items: + type: string + type: array + verbs: + description: The verbs that match this rule. An + empty list implies every verb. + items: + type: string + type: array + required: + - level + type: object + type: array + type: object + type: object + deploymentAnnotations: + additionalProperties: + type: string + description: Annotations applied to the Deployment https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + deploymentLabels: + additionalProperties: + type: string + description: Labels applied to the Deployment https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + logLevel: + description: 'Logging level for Metrics Server allowed values: + "0" for info, "4" for debug, or an integer value greater than + 0, specified as string default value: "0"' + type: string + nodeSelector: + additionalProperties: + type: string + description: Node selector for pod scheduling https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + type: object + podAnnotations: + additionalProperties: + type: string + description: Annotations applied to the Pod https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + podLabels: + additionalProperties: + type: string + description: Labels applied to the Pod https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + priorityClassName: + description: Pod priority https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + type: string + resources: + description: Manage resource requests & limits https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tolerations: + description: Tolerations for pod scheduling https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + operator: + properties: + affinity: + description: Affinity for pod scheduling https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + args: + description: 'Any user-defined arguments with possibility to override + any existing or previously defined arguments. Allowed formats + are ''--argument=value'', ''argument=value'' or just ''value''. + Ex.: ''--v=0'' or ''ENV_ARGUMENT''' + items: + type: string + type: array + deploymentAnnotations: + additionalProperties: + type: string + description: Annotations applied to the Deployment https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + deploymentLabels: + additionalProperties: + type: string + description: Labels applied to the Deployment https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + logEncoder: + description: 'Logging format for KEDA Controller allowed values + are ''json'' and ''console'' default value: console' + type: string + logLevel: + description: 'Logging level for KEDA Controller allowed values: + ''debug'', ''info'', ''error'', or an integer value greater + than 0, specified as string default value: info' + type: string + logTimeEncoding: + description: 'Logging time encoding for KEDA Controller allowed + values are ''epoch'', ''millis'', ''nano'', ''iso8601'', ''rfc3339'' + or ''rfc3339nano'' default value: rfc3339' + type: string + nodeSelector: + additionalProperties: + type: string + description: Node selector for pod scheduling https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + type: object + podAnnotations: + additionalProperties: + type: string + description: Annotations applied to the Pod https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + podLabels: + additionalProperties: + type: string + description: Labels applied to the Pod https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + priorityClassName: + description: Pod priority https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + type: string + resources: + description: Manage resource requests & limits https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be + set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in + pod.spec.resourceClaims of the Pod where this field + is used. It makes that resource available inside a + container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tolerations: + description: Tolerations for pod scheduling https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + serviceAccount: + properties: + annotations: + additionalProperties: + type: string + description: Annotations applied to the Service Account https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + type: object + labels: + additionalProperties: + type: string + description: Labels applied to the Service Account https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + type: object + type: object + watchNamespace: + type: string + type: object + status: + description: KedaControllerStatus defines the observed state of KedaController + properties: + configmapdatasum: + type: string + phase: + type: string + reason: + type: string + secretdatasum: + type: string + version: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: scaledjobs.keda.sh +spec: + group: keda.sh + names: + kind: ScaledJob + listKind: ScaledJobList + plural: scaledjobs + shortNames: + - sj + singular: scaledjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.minReplicaCount + name: Min + type: integer + - jsonPath: .spec.maxReplicaCount + name: Max + type: integer + - jsonPath: .spec.triggers[*].type + name: Triggers + type: string + - jsonPath: .spec.triggers[*].authenticationRef.name + name: Authentication + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Active")].status + name: Active + type: string + - jsonPath: .status.conditions[?(@.type=="Paused")].status + name: Paused + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ScaledJob is the Schema for the scaledjobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ScaledJobSpec defines the desired state of ScaledJob + properties: + envSourceContainerName: + type: string + failedJobsHistoryLimit: + format: int32 + type: integer + jobTargetRef: + description: JobSpec describes how the job execution will look like. + properties: + activeDeadlineSeconds: + description: Specifies the duration in seconds relative to the + startTime that the job may be continuously active before the + system tries to terminate it; value must be positive integer. + If a Job is suspended (at creation or through an update), this + timer will effectively be stopped and reset when the Job is + resumed again. + format: int64 + type: integer + backoffLimit: + description: Specifies the number of retries before marking this + job failed. Defaults to 6 + format: int32 + type: integer + backoffLimitPerIndex: + description: Specifies the limit for the number of retries within + an index before marking this index as failed. When enabled the + number of failures per index is kept in the pod's batch.kubernetes.io/job-index-failure-count + annotation. It can only be set when Job's completionMode=Indexed, + and the Pod's restart policy is Never. The field is immutable. + This field is alpha-level. It can be used when the `JobBackoffLimitPerIndex` + feature gate is enabled (disabled by default). + format: int32 + type: integer + completionMode: + description: "completionMode specifies how Pod completions are + tracked. It can be `NonIndexed` (default) or `Indexed`. \n `NonIndexed` + means that the Job is considered complete when there have been + .spec.completions successfully completed Pods. Each Pod completion + is homologous to each other. \n `Indexed` means that the Pods + of a Job get an associated completion index from 0 to (.spec.completions + - 1), available in the annotation batch.kubernetes.io/job-completion-index. + The Job is considered complete when there is one successfully + completed Pod for each index. When value is `Indexed`, .spec.completions + must be specified and `.spec.parallelism` must be less than + or equal to 10^5. In addition, The Pod name takes the form `$(job-name)-$(index)-$(random-string)`, + the Pod hostname takes the form `$(job-name)-$(index)`. \n More + completion modes can be added in the future. If the Job controller + observes a mode that it doesn't recognize, which is possible + during upgrades due to version skew, the controller skips updates + for the Job." + type: string + completions: + description: 'Specifies the desired number of successfully finished + pods the job should be run with. Setting to null means that + the success of any pod signals the success of all pods, and + allows parallelism to have any positive value. Setting to 1 + means that parallelism is limited to 1 and the success of that + pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + format: int32 + type: integer + manualSelector: + description: 'manualSelector controls generation of pod labels + and pod selectors. Leave `manualSelector` unset unless you are + certain what you are doing. When false or unset, the system + pick labels unique to this job and appends those labels to the + pod template. When true, the user is responsible for picking + unique labels and specifying the selector. Failure to pick + a unique label may cause this and other jobs to not function + correctly. However, You may see `manualSelector=true` in jobs + that were created with the old `extensions/v1beta1` API. More + info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector' + type: boolean + maxFailedIndexes: + description: Specifies the maximal number of failed indexes before + marking the Job as failed, when backoffLimitPerIndex is set. + Once the number of failed indexes exceeds this number the entire + Job is marked as Failed and its execution is terminated. When + left as null the job continues execution of all of its indexes + and is marked with the `Complete` Job condition. It can only + be specified when backoffLimitPerIndex is set. It can be null + or up to completions. It is required and must be less than or + equal to 10^4 when is completions greater than 10^5. This field + is alpha-level. It can be used when the `JobBackoffLimitPerIndex` + feature gate is enabled (disabled by default). + format: int32 + type: integer + parallelism: + description: 'Specifies the maximum desired number of pods the + job should run at any given time. The actual number of pods + running in steady state will be less than this number when ((.spec.completions + - .status.successful) < .spec.parallelism), i.e. when the work + left to do is less than max parallelism. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + format: int32 + type: integer + podFailurePolicy: + description: "Specifies the policy of handling failed pods. In + particular, it allows to specify the set of actions and conditions + which need to be satisfied to take the associated action. If + empty, the default behaviour applies - the counter of failed + pods, represented by the jobs's .status.failed field, is incremented + and it is checked against the backoffLimit. This field cannot + be used in combination with restartPolicy=OnFailure. \n This + field is beta-level. It can be used when the `JobPodFailurePolicy` + feature gate is enabled (enabled by default)." + properties: + rules: + description: A list of pod failure policy rules. The rules + are evaluated in order. Once a rule matches a Pod failure, + the remaining of the rules are ignored. When no rule matches + the Pod failure, the default handling applies - the counter + of pod failures is incremented and it is checked against + the backoffLimit. At most 20 elements are allowed. + items: + description: PodFailurePolicyRule describes how a pod failure + is handled when the requirements are met. One of onExitCodes + and onPodConditions, but not both, can be used in each + rule. + properties: + action: + description: "Specifies the action taken on a pod failure + when the requirements are satisfied. Possible values + are: \n - FailJob: indicates that the pod's job is + marked as Failed and all running pods are terminated. + - FailIndex: indicates that the pod's index is marked + as Failed and will not be restarted. This value is + alpha-level. It can be used when the `JobBackoffLimitPerIndex` + feature gate is enabled (disabled by default). - Ignore: + indicates that the counter towards the .backoffLimit + is not incremented and a replacement pod is created. + - Count: indicates that the pod is handled in the + default way - the counter towards the .backoffLimit + is incremented. Additional values are considered to + be added in the future. Clients should react to an + unknown action by skipping the rule." + type: string + onExitCodes: + description: Represents the requirement on the container + exit codes. + properties: + containerName: + description: Restricts the check for exit codes + to the container with the specified name. When + null, the rule applies to all containers. When + specified, it should match one the container or + initContainer names in the pod template. + type: string + operator: + description: "Represents the relationship between + the container exit code(s) and the specified values. + Containers completed with success (exit code 0) + are excluded from the requirement check. Possible + values are: \n - In: the requirement is satisfied + if at least one container exit code (might be + multiple if there are multiple containers not + restricted by the 'containerName' field) is in + the set of specified values. - NotIn: the requirement + is satisfied if at least one container exit code + (might be multiple if there are multiple containers + not restricted by the 'containerName' field) is + not in the set of specified values. Additional + values are considered to be added in the future. + Clients should react to an unknown operator by + assuming the requirement is not satisfied." + type: string + values: + description: Specifies the set of values. Each returned + container exit code (might be multiple in case + of multiple containers) is checked against this + set of values with respect to the operator. The + list of values must be ordered and must not contain + duplicates. Value '0' cannot be used for the In + operator. At least one element is required. At + most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + description: Represents the requirement on the pod conditions. + The requirement is represented as a list of pod condition + patterns. The requirement is satisfied if at least + one pattern matches an actual pod condition. At most + 20 elements are allowed. + items: + description: PodFailurePolicyOnPodConditionsPattern + describes a pattern for matching an actual pod condition + type. + properties: + status: + description: Specifies the required Pod condition + status. To match a pod condition it is required + that the specified status equals the pod condition + status. Defaults to True. + type: string + type: + description: Specifies the required Pod condition + type. To match a pod condition it is required + that specified type equals the pod condition + type. + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object + podReplacementPolicy: + description: "podReplacementPolicy specifies when to create replacement + Pods. Possible values are: - TerminatingOrFailed means that + we recreate pods when they are terminating (has a metadata.deletionTimestamp) + or failed. - Failed means to wait until a previously created + Pod is fully terminated (has phase Failed or Succeeded) before + creating a replacement Pod. \n When using podFailurePolicy, + Failed is the the only allowed value. TerminatingOrFailed and + Failed are allowed values when podFailurePolicy is not in use. + This is an alpha field. Enable JobPodReplacementPolicy to be + able to use this field." + type: string + selector: + description: 'A label query over pods that should match the pod + count. Normally, the system sets this field for you. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + suspend: + description: suspend specifies whether the Job controller should + create Pods or not. If a Job is created with suspend set to + true, no Pods are created by the Job controller. If a Job is + suspended after creation (i.e. the flag goes from false to true), + the Job controller will delete all active Pods associated with + this Job. Users must design their workload to gracefully handle + this. Suspending a Job will reset the StartTime field of the + Job, effectively resetting the ActiveDeadlineSeconds timer too. + Defaults to false. + type: boolean + template: + description: 'Describes the pod that will be created when executing + a job. The only allowed template.spec.restartPolicy values are + "Never" or "OnFailure". More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: 'Specification of the desired behavior of the + pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + activeDeadlineSeconds: + description: Optional duration in seconds the pod may + be active on the node relative to StartTime before the + system will actively try to mark it failed and kill + associated containers. Value must be a positive integer. + format: int64 + type: integer + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a + node that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by + iterating through the elements of this field + and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) + with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 + (i.e. it's a no-op). A null preferred scheduling + term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + If the operator is Gt or Lt, + the values array must have a + single element, which will be + interpreted as an integer. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector + requirements by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + If the operator is Gt or Lt, + the values array must have a + single element, which will be + interpreted as an integer. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in + the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. + If the affinity requirements specified by this + field cease to be met at some point during pod + execution (e.g. due to an update), the system + may or may not try to eventually evict the pod + from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector + term matches no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + If the operator is Gt or Lt, + the values array must have a + single element, which will be + interpreted as an integer. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector + requirements by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + If the operator is Gt or Lt, + the values array must have a + single element, which will be + interpreted as an integer. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules + (e.g. co-locate this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a + node that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by + iterating through the elements of this field + and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most + preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node + to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set + of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the + set of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's + namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a + static list of namespace names that + the term applies to. The term is applied + to the union of the namespaces listed + in this field and the ones selected + by namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running on + a node whose value of the label with + key topologyKey matches that of any + node on which any of the selected + pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in + the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. + If the affinity requirements specified by this + field cease to be met at some point during pod + execution (e.g. due to a pod label update), + the system may or may not try to eventually + evict the pod from its node. When there are + multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the + given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on + which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the same node, + zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity + expressions specified by this field, but it + may choose a node that violates one or more + of the expressions. The node that is most preferred + is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a + sum by iterating through the elements of this + field and adding "weight" to the sum if the + node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest + sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node + to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set + of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the + set of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's + namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a + static list of namespace names that + the term applies to. The term is applied + to the union of the namespaces listed + in this field and the ones selected + by namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running on + a node whose value of the label with + key topologyKey matches that of any + node on which any of the selected + pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in + the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto the + node. If the anti-affinity requirements specified + by this field cease to be met at some point + during pod execution (e.g. due to a pod label + update), the system may or may not try to eventually + evict the pod from its node. When there are + multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the + given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on + which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + description: AutomountServiceAccountToken indicates whether + a service account token should be automatically mounted. + type: boolean + containers: + description: List of containers belonging to the pod. + Containers cannot currently be added or removed. There + must be at least one container in a Pod. Cannot be updated. + items: + description: A single application container that you + want to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using + the container''s environment. If a variable cannot + be resolved, the reference in the input string + will be unchanged. Double $$ are reduced to a + single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will + never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The container image''s ENTRYPOINT is + used if this is not provided. Variable references + $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set + in the container. Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container + is starting. When a key exists in multiple sources, + the value associated with the last source will + take precedence. Values defined by an Env with + a duplicate key will take precedence. Cannot be + updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if :latest + tag is specified, or IfNotPresent otherwise. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system + should take in response to container lifecycle + events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and restarted + according to its restart policy. Other management + of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT + supported as a LifecycleHandler and kept + for the backward compatibility. There + are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler + is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately + before a container is terminated due to an + API request or management event such as liveness/startup + probe failure, preemption, resource contention, + etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod''s termination grace + period (unless delayed by finalizers). Other + management of the container blocks until the + hook completes or until the termination grace + period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT + supported as a LifecycleHandler and kept + for the backward compatibility. There + are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler + is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as + a DNS_LABEL. Each container in a pod must have + a unique name (DNS_LABEL). Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that + port from being exposed. Any port which is listening + on the default "0.0.0.0" address inside a container + will be accessible from the network. Modifying + this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: Number of port to expose on the + pod's IP address. This must be a valid port + number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the + host. If specified, this must be a valid + port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an + IANA_SVC_NAME and unique within the pod. + Each named port in a pod must have a unique + name. Name for the port that can be referred + to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, + TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + - protocol + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service + readiness. Container will be removed from service + endpoints if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which + this resource resize policy applies. Supported + values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when + specified resource is resized. If not specified, + it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this + container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart + behavior of individual containers in a pod. This + field may only be set for init containers, and + the only allowed value is "Always". For non-init + containers or when this field is not specified, + the restart behavior is defined by the Pod''s + restart policy and the container type. Setting + the RestartPolicy as "Always" for the init container + will have the following effect: this init container + will be continually restarted on exit until all + regular containers have terminated. Once all regular + containers have completed, all init containers + with restartPolicy "Always" will be shut down. + This lifecycle differs from normal init containers + and is often referred to as a "sidecar" container. + Although this init container still starts in the + init container sequence, it does not wait for + the container to complete before proceeding to + the next init container. Instead, the next init + container starts immediately after this init container + is started, or after any startupProbe has successfully + completed.' + type: string + securityContext: + description: 'SecurityContext defines the security + options the container should be run with. If set, + the fields of SecurityContext override the equivalent + fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will be + set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run + as Privileged 2) has CAP_SYS_ADMIN Note that + this field cannot be set when spec.os.name + is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when + running containers. Defaults to the default + set of capabilities granted by the container + runtime. Note that this field cannot be set + when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. + Processes in privileged containers are essentially + equivalent to root on the host. Defaults to + false. Note that this field cannot be set + when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default + is DefaultProcMount which uses the container + runtime defaults for readonly paths and masked + paths. This requires the ProcMountType feature + flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of + the container process. Uses runtime default + if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must + run as a non-root user. If true, the Kubelet + will validate the image at runtime to ensure + that it does not run as UID 0 (root) and fail + to start the container if it does. If unset + or false, no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of + the container process. Defaults to user specified + in image metadata if unspecified. May also + be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to the container. If unspecified, the container + runtime will allocate a random SELinux context + for each container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided + at both the pod & container level, the container + options override the pod options. Note that + this field cannot be set when spec.os.name + is windows. + properties: + localhostProfile: + description: localhostProfile indicates + a profile defined in a file on the node + should be used. The profile must be preconfigured + on the node to work. Must be a descending + path, relative to the kubelet's configured + seccomp profile location. Must be set + if type is "Localhost". Must NOT be set + for any other type. + type: string + type: + description: "type indicates which kind + of seccomp profile will be applied. Valid + options are: \n Localhost - a profile + defined in a file on the node should be + used. RuntimeDefault - the container runtime + default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a + container should be run as a 'Host Process' + container. All of a Pod's containers must + have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to + run the entrypoint of the container process. + Defaults to the user specified in image + metadata if unspecified. May also be set + in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod + has successfully initialized. If specified, no + other probes are executed until this completes + successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters + at the beginning of a Pod''s lifecycle, when it + might take a long time to load data or warm a + cache, than during steady-state operation. This + cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If + this is not set, reads from stdin in the container + will always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should + close the stdin channel after it has been opened + by a single attach. When stdin is true the stdin + stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is + opened on container start, is empty until the + first client attaches to stdin, and then remains + open and accepts data until the client disconnects, + at which time stdin is closed and remains closed + until the container is restarted. If this flag + is false, a container processes that reads from + stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to + which the container''s termination message will + be written is mounted into the container''s filesystem. + Message written is intended to be brief final + status, such as an assertion failure message. + Will be truncated by the node if greater than + 4096 bytes. The total message length across all + containers will be limited to 12kb. Defaults to + /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the container + status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output + if the termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be + true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container at + which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how + mounts are propagated from the host to container + and the other way around. When not set, + MountPropagationNone is used. This field + is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults + to false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume + from which the container's volume should + be mounted. Behaves similarly to SubPath + but environment variable references $(VAR_NAME) + are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not + specified, the container runtime's default will + be used, which might be configured in the container + image. Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + description: Specifies the DNS parameters of a pod. Parameters + specified here will be merged to the generated DNS configuration + based on DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. + This will be appended to the base nameservers generated + from DNSPolicy. Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This + will be merged with the base options generated from + DNSPolicy. Duplicated entries will be removed. Resolution + options given in Options will override those that + appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver + options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name + lookup. This will be appended to the base search + paths generated from DNSPolicy. Duplicated search + paths will be removed. + items: + type: string + type: array + type: object + dnsPolicy: + description: Set DNS policy for the pod. Defaults to "ClusterFirst". + Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', + 'Default' or 'None'. DNS parameters given in DNSConfig + will be merged with the policy selected with DNSPolicy. + To have DNS options set along with hostNetwork, you + have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. + type: string + enableServiceLinks: + description: 'EnableServiceLinks indicates whether information + about services should be injected into pod''s environment + variables, matching the syntax of Docker links. Optional: + Defaults to true.' + type: boolean + ephemeralContainers: + description: List of ephemeral containers run in this + pod. Ephemeral containers may be run in an existing + pod to perform user-initiated actions such as debugging. + This list cannot be specified when creating a pod, and + it cannot be modified by updating the pod spec. In order + to add an ephemeral container to an existing pod, use + the pod's ephemeralcontainers subresource. + items: + description: "An EphemeralContainer is a temporary container + that you may add to an existing Pod for user-initiated + activities such as debugging. Ephemeral containers + have no resource or scheduling guarantees, and they + will not be restarted when they exit or when a Pod + is removed or restarted. The kubelet may evict a Pod + if an ephemeral container causes the Pod to exceed + its resource allocation. \n To add an ephemeral container, + use the ephemeralcontainers subresource of an existing + Pod. Ephemeral containers may not be removed or restarted." + properties: + args: + description: 'Arguments to the entrypoint. The image''s + CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the + container''s environment. If a variable cannot + be resolved, the reference in the input string + will be unchanged. Double $$ are reduced to a + single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will + never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The image''s ENTRYPOINT is used if this + is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. + If a variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for + escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set + in the container. Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container + is starting. When a key exists in multiple sources, + the value associated with the last source will + take precedence. Values defined by an Env with + a duplicate key will take precedence. Cannot be + updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if :latest + tag is specified, or IfNotPresent otherwise. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and restarted + according to its restart policy. Other management + of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT + supported as a LifecycleHandler and kept + for the backward compatibility. There + are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler + is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately + before a container is terminated due to an + API request or management event such as liveness/startup + probe failure, preemption, resource contention, + etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod''s termination grace + period (unless delayed by finalizers). Other + management of the container blocks until the + hook completes or until the termination grace + period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT + supported as a LifecycleHandler and kept + for the backward compatibility. There + are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler + is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified + as a DNS_LABEL. This name must be unique among + all containers, init containers and ephemeral + containers. + type: string + ports: + description: Ports are not allowed for ephemeral + containers. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: Number of port to expose on the + pod's IP address. This must be a valid port + number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the + host. If specified, this must be a valid + port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an + IANA_SVC_NAME and unique within the pod. + Each named port in a pod must have a unique + name. Name for the port that can be referred + to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, + TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + - protocol + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which + this resource resize policy applies. Supported + values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when + specified resource is resized. If not specified, + it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: Restart policy for the container to + manage the restart behavior of each container + within a pod. This may only be set for init containers. + You cannot set this field on ephemeral containers. + type: string + securityContext: + description: 'Optional: SecurityContext defines + the security options the ephemeral container should + be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will be + set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run + as Privileged 2) has CAP_SYS_ADMIN Note that + this field cannot be set when spec.os.name + is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when + running containers. Defaults to the default + set of capabilities granted by the container + runtime. Note that this field cannot be set + when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. + Processes in privileged containers are essentially + equivalent to root on the host. Defaults to + false. Note that this field cannot be set + when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default + is DefaultProcMount which uses the container + runtime defaults for readonly paths and masked + paths. This requires the ProcMountType feature + flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of + the container process. Uses runtime default + if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must + run as a non-root user. If true, the Kubelet + will validate the image at runtime to ensure + that it does not run as UID 0 (root) and fail + to start the container if it does. If unset + or false, no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of + the container process. Defaults to user specified + in image metadata if unspecified. May also + be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to the container. If unspecified, the container + runtime will allocate a random SELinux context + for each container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided + at both the pod & container level, the container + options override the pod options. Note that + this field cannot be set when spec.os.name + is windows. + properties: + localhostProfile: + description: localhostProfile indicates + a profile defined in a file on the node + should be used. The profile must be preconfigured + on the node to work. Must be a descending + path, relative to the kubelet's configured + seccomp profile location. Must be set + if type is "Localhost". Must NOT be set + for any other type. + type: string + type: + description: "type indicates which kind + of seccomp profile will be applied. Valid + options are: \n Localhost - a profile + defined in a file on the node should be + used. RuntimeDefault - the container runtime + default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a + container should be run as a 'Host Process' + container. All of a Pod's containers must + have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to + run the entrypoint of the container process. + Defaults to the user specified in image + metadata if unspecified. May also be set + in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If + this is not set, reads from stdin in the container + will always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should + close the stdin channel after it has been opened + by a single attach. When stdin is true the stdin + stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is + opened on container start, is empty until the + first client attaches to stdin, and then remains + open and accepts data until the client disconnects, + at which time stdin is closed and remains closed + until the container is restarted. If this flag + is false, a container processes that reads from + stdin will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container + from PodSpec that this ephemeral container targets. + The ephemeral container will be run in the namespaces + (IPC, PID, etc) of this container. If not set + then the ephemeral container uses the namespaces + configured in the Pod spec. \n The container runtime + must implement support for this feature. If the + runtime does not support namespace targeting then + the result of setting this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to + which the container''s termination message will + be written is mounted into the container''s filesystem. + Message written is intended to be brief final + status, such as an assertion failure message. + Will be truncated by the node if greater than + 4096 bytes. The total message length across all + containers will be limited to 12kb. Defaults to + /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the container + status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output + if the termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be + true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed for + ephemeral containers. Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container at + which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how + mounts are propagated from the host to container + and the other way around. When not set, + MountPropagationNone is used. This field + is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults + to false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume + from which the container's volume should + be mounted. Behaves similarly to SubPath + but environment variable references $(VAR_NAME) + are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not + specified, the container runtime's default will + be used, which might be configured in the container + image. Cannot be updated. + type: string + required: + - name + type: object + type: array + hostAliases: + description: HostAliases is an optional list of hosts + and IPs that will be injected into the pod's hosts file + if specified. This is only valid for non-hostNetwork + pods. + items: + description: HostAlias holds the mapping between IP + and hostnames that will be injected as an entry in + the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + hostIPC: + description: 'Use the host''s ipc namespace. Optional: + Default to false.' + type: boolean + hostNetwork: + description: Host networking requested for this pod. Use + the host's network namespace. If this option is set, + the ports that will be used must be specified. Default + to false. + type: boolean + hostPID: + description: 'Use the host''s pid namespace. Optional: + Default to false.' + type: boolean + hostUsers: + description: 'Use the host''s user namespace. Optional: + Default to true. If set to true or not present, the + pod will be run in the host user namespace, useful for + when the pod needs a feature only available to the host + user namespace, such as loading a kernel module with + CAP_SYS_MODULE. When set to false, a new userns is created + for the pod. Setting false is useful for mitigating + container breakout vulnerabilities even allowing users + to run their containers as root without actually having + root privileges on the host. This field is alpha-level + and is only honored by servers that enable the UserNamespacesSupport + feature.' + type: boolean + hostname: + description: Specifies the hostname of the Pod If not + specified, the pod's hostname will be set to a system-defined + value. + type: string + imagePullSecrets: + description: 'ImagePullSecrets is an optional list of + references to secrets in the same namespace to use for + pulling any of the images used by this PodSpec. If specified, + these secrets will be passed to individual puller implementations + for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the + same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'List of initialization containers belonging + to the pod. Init containers are executed in order prior + to containers being started. If any init container fails, + the pod is considered to have failed and is handled + according to its restartPolicy. The name for an init + container or normal container must be unique among all + containers. Init containers may not have Lifecycle actions, + Readiness probes, Liveness probes, or Startup probes. + The resourceRequirements of an init container are taken + into account during scheduling by finding the highest + request/limit for each resource type, and then using + the max of of that value or the sum of the normal containers. + Limits are applied to init containers in a similar fashion. + Init containers cannot currently be added or removed. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' + items: + description: A single application container that you + want to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using + the container''s environment. If a variable cannot + be resolved, the reference in the input string + will be unchanged. Double $$ are reduced to a + single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will + never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The container image''s ENTRYPOINT is + used if this is not provided. Variable references + $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot + be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set + in the container. Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container and + any service environment variables. If a + variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container + is starting. When a key exists in multiple sources, + the value associated with the last source will + take precedence. Values defined by an Env with + a duplicate key will take precedence. Cannot be + updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if :latest + tag is specified, or IfNotPresent otherwise. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system + should take in response to container lifecycle + events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and restarted + according to its restart policy. Other management + of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT + supported as a LifecycleHandler and kept + for the backward compatibility. There + are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler + is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately + before a container is terminated due to an + API request or management event such as liveness/startup + probe failure, preemption, resource contention, + etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod''s termination grace + period (unless delayed by finalizers). Other + management of the container blocks until the + hook completes or until the termination grace + period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT + supported as a LifecycleHandler and kept + for the backward compatibility. There + are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler + is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as + a DNS_LABEL. Each container in a pod must have + a unique name (DNS_LABEL). Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that + port from being exposed. Any port which is listening + on the default "0.0.0.0" address inside a container + will be accessible from the network. Modifying + this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: Number of port to expose on the + pod's IP address. This must be a valid port + number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the + host. If specified, this must be a valid + port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an + IANA_SVC_NAME and unique within the pod. + Each named port in a pod must have a unique + name. Name for the port that can be referred + to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, + TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + - protocol + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service + readiness. Container will be removed from service + endpoints if the probe fails. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to which + this resource resize policy applies. Supported + values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when + specified resource is resized. If not specified, + it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by this + container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart + behavior of individual containers in a pod. This + field may only be set for init containers, and + the only allowed value is "Always". For non-init + containers or when this field is not specified, + the restart behavior is defined by the Pod''s + restart policy and the container type. Setting + the RestartPolicy as "Always" for the init container + will have the following effect: this init container + will be continually restarted on exit until all + regular containers have terminated. Once all regular + containers have completed, all init containers + with restartPolicy "Always" will be shut down. + This lifecycle differs from normal init containers + and is often referred to as a "sidecar" container. + Although this init container still starts in the + init container sequence, it does not wait for + the container to complete before proceeding to + the next init container. Instead, the next init + container starts immediately after this init container + is started, or after any startupProbe has successfully + completed.' + type: string + securityContext: + description: 'SecurityContext defines the security + options the container should be run with. If set, + the fields of SecurityContext override the equivalent + fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will be + set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run + as Privileged 2) has CAP_SYS_ADMIN Note that + this field cannot be set when spec.os.name + is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when + running containers. Defaults to the default + set of capabilities granted by the container + runtime. Note that this field cannot be set + when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. + Processes in privileged containers are essentially + equivalent to root on the host. Defaults to + false. Note that this field cannot be set + when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default + is DefaultProcMount which uses the container + runtime defaults for readonly paths and masked + paths. This requires the ProcMountType feature + flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of + the container process. Uses runtime default + if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must + run as a non-root user. If true, the Kubelet + will validate the image at runtime to ensure + that it does not run as UID 0 (root) and fail + to start the container if it does. If unset + or false, no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of + the container process. Defaults to user specified + in image metadata if unspecified. May also + be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to the container. If unspecified, the container + runtime will allocate a random SELinux context + for each container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided + at both the pod & container level, the container + options override the pod options. Note that + this field cannot be set when spec.os.name + is windows. + properties: + localhostProfile: + description: localhostProfile indicates + a profile defined in a file on the node + should be used. The profile must be preconfigured + on the node to work. Must be a descending + path, relative to the kubelet's configured + seccomp profile location. Must be set + if type is "Localhost". Must NOT be set + for any other type. + type: string + type: + description: "type indicates which kind + of seccomp profile will be applied. Valid + options are: \n Localhost - a profile + defined in a file on the node should be + used. RuntimeDefault - the container runtime + default profile should be used. Unconfined + - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be + set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a + container should be run as a 'Host Process' + container. All of a Pod's containers must + have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to + run the entrypoint of the container process. + Defaults to the user specified in image + metadata if unspecified. May also be set + in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod + has successfully initialized. If specified, no + other probes are executed until this completes + successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters + at the beginning of a Pod''s lifecycle, when it + might take a long time to load data or warm a + cache, than during steady-state operation. This + cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for + the probe to be considered failed after having + succeeded. Defaults to 3. Minimum value is + 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the + service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name. + This will be canonicalized upon + output, so case-variant names will + be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for + the probe to be considered successful after + having failed. Defaults to 1. Must be 1 for + liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the + pod needs to terminate gracefully upon probe + failure. The grace period is the duration + in seconds after the processes running in + the pod are sent a termination signal and + the time when the processes are forcibly halted + with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value zero + indicates stop immediately via the kill signal + (no opportunity to shut down). This is a beta + field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If + this is not set, reads from stdin in the container + will always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should + close the stdin channel after it has been opened + by a single attach. When stdin is true the stdin + stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is + opened on container start, is empty until the + first client attaches to stdin, and then remains + open and accepts data until the client disconnects, + at which time stdin is closed and remains closed + until the container is restarted. If this flag + is false, a container processes that reads from + stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to + which the container''s termination message will + be written is mounted into the container''s filesystem. + Message written is intended to be brief final + status, such as an assertion failure message. + Will be truncated by the node if greater than + 4096 bytes. The total message length across all + containers will be limited to 12kb. Defaults to + /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the container + status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output + if the termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be + true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container at + which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how + mounts are propagated from the host to container + and the other way around. When not set, + MountPropagationNone is used. This field + is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults + to false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume + from which the container's volume should + be mounted. Behaves similarly to SubPath + but environment variable references $(VAR_NAME) + are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr + and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not + specified, the container runtime's default will + be used, which might be configured in the container + image. Cannot be updated. + type: string + required: + - name + type: object + type: array + nodeName: + description: NodeName is a request to schedule this pod + onto a specific node. If it is non-empty, the scheduler + simply schedules this pod onto that node, assuming that + it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be + true for the pod to fit on a node. Selector which must + match a node''s labels for the pod to be scheduled on + that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + os: + description: "Specifies the OS of the containers in the + pod. Some pod and container fields are restricted if + this is set. \n If the OS field is set to linux, the + following fields must be unset: -securityContext.windowsOptions + \n If the OS field is set to windows, following fields + must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers + - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile + - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy + - spec.securityContext.sysctls - spec.shareProcessNamespace + - spec.securityContext.runAsUser - spec.securityContext.runAsGroup + - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions + - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities - + spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser + - spec.containers[*].securityContext.runAsGroup" + properties: + name: + description: 'Name is the name of the operating system. + The currently supported values are linux and windows. + Additional value may be defined in future and can + be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values + and treat unrecognized values in this field as os: + null' + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Overhead represents the resource overhead + associated with running a pod for a given RuntimeClass. + This field will be autopopulated at admission time by + the RuntimeClass admission controller. If the RuntimeClass + admission controller is enabled, overhead must not be + set in Pod create requests. The RuntimeClass admission + controller will reject Pod create requests which have + the overhead already set. If RuntimeClass is configured + and selected in the PodSpec, Overhead will be set to + the value defined in the corresponding RuntimeClass, + otherwise it will remain unset and treated as zero. + More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' + type: object + preemptionPolicy: + description: PreemptionPolicy is the Policy for preempting + pods with lower priority. One of Never, PreemptLowerPriority. + Defaults to PreemptLowerPriority if unset. + type: string + priority: + description: The priority value. Various system components + use this field to find the priority of the pod. When + Priority Admission Controller is enabled, it prevents + users from setting this field. The admission controller + populates this field from PriorityClassName. The higher + the value, the higher the priority. + format: int32 + type: integer + priorityClassName: + description: If specified, indicates the pod's priority. + "system-node-critical" and "system-cluster-critical" + are two special keywords which indicate the highest + priorities with the former being the highest priority. + Any other name must be defined by creating a PriorityClass + object with that name. If not specified, the pod priority + will be default or zero if there is no default. + type: string + readinessGates: + description: 'If specified, all readiness gates will be + evaluated for pod readiness. A pod is ready when all + its containers are ready AND all conditions specified + in the readiness gates have status equal to "True" More + info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + items: + description: PodReadinessGate contains the reference + to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition + in the pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + resourceClaims: + description: "ResourceClaims defines which ResourceClaims + must be allocated and reserved before the Pod is allowed + to start. The resources will be made available to those + containers which consume them by name. \n This is an + alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: PodResourceClaim references exactly one + ResourceClaim through a ClaimSource. It adds a name + to it that uniquely identifies the ResourceClaim inside + the Pod. Containers that need access to the ResourceClaim + reference it with this name. + properties: + name: + description: Name uniquely identifies this resource + claim inside the pod. This must be a DNS_LABEL. + type: string + source: + description: Source describes where to find the + ResourceClaim. + properties: + resourceClaimName: + description: ResourceClaimName is the name of + a ResourceClaim object in the same namespace + as this pod. + type: string + resourceClaimTemplateName: + description: "ResourceClaimTemplateName is the + name of a ResourceClaimTemplate object in + the same namespace as this pod. \n The template + will be used to create a new ResourceClaim, + which will be bound to this pod. When this + pod is deleted, the ResourceClaim will also + be deleted. The pod name and resource name, + along with a generated component, will be + used to form a unique name for the ResourceClaim, + which will be recorded in pod.status.resourceClaimStatuses. + \n This field is immutable and no changes + will be made to the corresponding ResourceClaim + by the control plane after creating the ResourceClaim." + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + restartPolicy: + description: 'Restart policy for all containers within + the pod. One of Always, OnFailure, Never. In some contexts, + only a subset of those values may be permitted. Default + to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' + type: string + runtimeClassName: + description: 'RuntimeClassName refers to a RuntimeClass + object in the node.k8s.io group, which should be used + to run this pod. If no RuntimeClass resource matches + the named class, the pod will not be run. If unset or + empty, the "legacy" RuntimeClass will be used, which + is an implicit class with an empty definition that uses + the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' + type: string + schedulerName: + description: If specified, the pod will be dispatched + by specified scheduler. If not specified, the pod will + be dispatched by default scheduler. + type: string + schedulingGates: + description: "SchedulingGates is an opaque list of values + that if specified will block scheduling the pod. If + schedulingGates is not empty, the pod will stay in the + SchedulingGated state and the scheduler will not attempt + to schedule the pod. \n SchedulingGates can only be + set at pod creation time, and be removed only afterwards. + \n This is a beta feature enabled by the PodSchedulingReadiness + feature gate." + items: + description: PodSchedulingGate is associated to a Pod + to guard its scheduling. + properties: + name: + description: Name of the scheduling gate. Each scheduling + gate must have a unique name field. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + description: 'SecurityContext holds pod-level security + attributes and common container settings. Optional: + Defaults to empty. See type description for default + values of each field.' + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow + the Kubelet to change the ownership of that volume + to be owned by the pod: \n 1. The owning GID will + be the FSGroup 2. The setgid bit is set (new files + created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- \n + If unset, the Kubelet will not modify the ownership + and permissions of any volume. Note that this field + cannot be set when spec.os.name is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior + of changing ownership and permission of the volume + before being exposed inside Pod. This field will + only apply to volume types which support fsGroup + based ownership(and permissions). It will have no + effect on ephemeral volume types such as: secret, + configmaps and emptydir. Valid values are "OnRootMismatch" + and "Always". If not specified, "Always" is used. + Note that this field cannot be set when spec.os.name + is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in SecurityContext. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for + that container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not + run as UID 0 (root) and fail to start the container + if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified in + image metadata if unspecified. May also be set in + SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + all containers. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence + for that container. Note that this field cannot + be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set + when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must be set if type is "Localhost". + Must NOT be set for any other type. + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file on + the node should be used. RuntimeDefault - the + container runtime default profile should be + used. Unconfined - no profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first + process run in each container, in addition to the + container's primary GID, the fsGroup (if specified), + and group memberships defined in the container image + for the uid of the container process. If unspecified, + no additional groups are added to any container. + Note that group memberships defined in the container + image for the uid of the container process are still + effective, even if they are not included in this + list. Note that this field cannot be set when spec.os.name + is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls + used for the pod. Pods with unsupported sysctls + (by the container runtime) might fail to launch. + Note that this field cannot be set when spec.os.name + is windows. + items: + description: Sysctl defines a kernel parameter to + be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options within + a container's SecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + All of a Pod's containers must have the same + effective HostProcess value (it is not allowed + to have a mix of HostProcess containers and + non-HostProcess containers). In addition, if + HostProcess is true then HostNetwork must also + be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + serviceAccount: + description: 'DeprecatedServiceAccount is a depreciated + alias for ServiceAccountName. Deprecated: Use serviceAccountName + instead.' + type: string + serviceAccountName: + description: 'ServiceAccountName is the name of the ServiceAccount + to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + type: string + setHostnameAsFQDN: + description: If true the pod's hostname will be configured + as the pod's FQDN, rather than the leaf name (the default). + In Linux containers, this means setting the FQDN in + the hostname field of the kernel (the nodename field + of struct utsname). In Windows containers, this means + setting the registry value of hostname for the registry + key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. If a pod does not have FQDN, this has no effect. + Default to false. + type: boolean + shareProcessNamespace: + description: 'Share a single process namespace between + all of the containers in a pod. When this is set containers + will be able to view and signal processes from other + containers in the same pod, and the first process in + each container will not be assigned PID 1. HostPID and + ShareProcessNamespace cannot both be set. Optional: + Default to false.' + type: boolean + subdomain: + description: If specified, the fully qualified Pod hostname + will be "...svc.". If not specified, the pod will not have a + domainname at all. + type: string + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully. May be decreased in delete + request. Value must be non-negative integer. The value + zero indicates stop immediately via the kill signal + (no opportunity to shut down). If this value is nil, + the default grace period will be used instead. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and + the time when the processes are forcibly halted with + a kill signal. Set this value longer than the expected + cleanup time for your process. Defaults to 30 seconds. + format: int64 + type: integer + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to + tolerates any taint that matches the triple + using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to + match. Empty means match all taint effects. When + specified, allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; + this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints + of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect + NoExecute, otherwise this field is ignored) tolerates + the taint. By default, it is not set, which means + tolerate the taint forever (do not evict). Zero + and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value + should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a + group of pods ought to spread across topology domains. + Scheduler will schedule pods in a way which abides by + the constraints. All topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how + to spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are + counted to determine the number of pods in their + corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label + keys to select the pods over which spreading will + be calculated. The keys are used to lookup values + from the incoming pod labels, those key-value + labels are ANDed with labelSelector to select + the group of existing pods over which spreading + will be calculated for the incoming pod. The same + key is forbidden to exist in both MatchLabelKeys + and LabelSelector. MatchLabelKeys cannot be set + when LabelSelector isn't set. Keys that don't + exist in the incoming pod labels will be ignored. + A null or empty list means only match against + labelSelector. \n This is a beta field and requires + the MatchLabelKeysInPodTopologySpread feature + gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between + the number of matching pods in the target topology + and the global minimum. The global minimum is + the minimum number of matching pods in an eligible + domain or zero if the number of eligible domains + is less than MinDomains. For example, in a 3-zone + cluster, MaxSkew is set to 1, and pods with the + same labelSelector spread as 2/2/1: In this case, + the global minimum is 1. | zone1 | zone2 | zone3 + | | P P | P P | P | - if MaxSkew is 1, + incoming pod can only be scheduled to zone3 to + become 2/2/2; scheduling it onto zone1(zone2) + would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). - if MaxSkew is 2, incoming + pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default + value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number + of eligible domains. When the number of eligible + domains with matching topology keys is less than + minDomains, Pod Topology Spread treats \"global + minimum\" as 0, and then the calculation of Skew + is performed. And when the number of eligible + domains with matching topology keys equals or + greater than minDomains, this value has no effect + on scheduling. As a result, when the number of + eligible domains is less than minDomains, scheduler + won't schedule more than maxSkew Pods to those + domains. If value is nil, the constraint behaves + as if MinDomains is equal to 1. Valid values are + integers greater than 0. When value is not nil, + WhenUnsatisfiable must be DoNotSchedule. \n For + example, in a 3-zone cluster, MaxSkew is set to + 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: | zone1 | zone2 + | zone3 | | P P | P P | P P | The number + of domains is less than 5(MinDomains), so \"global + minimum\" is treated as 0. In this situation, + new pod with the same labelSelector cannot be + scheduled, because computed skew will be 3(3 - + 0) if new Pod is scheduled to any of the three + zones, it will violate MaxSkew. \n This is a beta + field and requires the MinDomainsInPodTopologySpread + feature gate to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we + will treat Pod's nodeAffinity/nodeSelector when + calculating pod topology spread skew. Options + are: - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. + \n If this value is nil, the behavior is equivalent + to the Honor policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we + will treat node taints when calculating pod topology + spread skew. Options are: - Honor: nodes without + taints, along with tainted nodes for which the + incoming pod has a toleration, are included. - + Ignore: node taints are ignored. All nodes are + included. \n If this value is nil, the behavior + is equivalent to the Ignore policy. This is a + beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and + try to put balanced number of pods into each bucket. + We define a domain as a particular instance of + a topology. Also, we define an eligible domain + as a domain whose nodes meet the requirements + of nodeAffinityPolicy and nodeTaintsPolicy. e.g. + If TopologyKey is "kubernetes.io/hostname", each + Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is + a domain of that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to + deal with a pod if it doesn''t satisfy the spread + constraint. - DoNotSchedule (default) tells the + scheduler not to schedule it. - ScheduleAnyway + tells the scheduler to schedule the pod in any + location, but giving higher precedence to topologies + that would help reduce the skew. A constraint + is considered "Unsatisfiable" for an incoming + pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set + to 1, and pods with the same labelSelector spread + as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) + satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t + make it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + description: 'List of volumes that can be mounted by containers + belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' + items: + description: Volume represents a named volume in a pod + that may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an + AWS Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in + the volume that you want to mount. If omitted, + the default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for + /dev/sda is "0" (or you can leave the property + empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force + the readOnly setting in VolumeMounts. More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data + Disk mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching + mode: None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data + disk in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk + in the blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. + Must be a filesystem type supported by the + host operating system. Ex. "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if + unspecified. + type: string + kind: + description: 'kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File + Service mount on the host and bind mount to the + pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret + that contains Azure Storage Account Name and + Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on + the host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors + is a collection of Ceph monitors More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph tree, + default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the + rados user name, default is admin More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume + attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points + to a secret object containing parameters used + to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the + volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that + should populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode + bits used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, the + volume setup will error unless it is marked + optional. Paths must be relative and may not + contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your + admin for the correct name as registered in + the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is + passed to the associated CSI driver which + will determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may be + empty if no secret is required. If the secret + object contains more than one secret, all + secret references are passed. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only + configuration for the volume. Defaults to + false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on + created files by default. Must be a Optional: + mode bits used to set permissions on created + files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. If not specified, the + volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. + Must not be absolute or contain the + ''..'' path. Must be utf-8 encoded. + The first item of the relative path + must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are + currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of + storage medium should back this directory. + The default is "" which means to use the node''s + default medium. Must be an empty string (default) + or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value + between the SizeLimit specified here and the + sum of memory limits of all containers in + a pod. The default is nil which means that + the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that + is handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - + it will be created before the pod starts, and + deleted when the pod is removed. \n Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from + snapshot or capacity tracking are needed, c) the + storage driver is specified through a storage + class, and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information + on the connection between this volume type and + PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes + that persist for longer than the lifecycle of + an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of + the driver for more information. \n A pod can + use both types of ephemeral volumes and persistent + volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will + be the owner of the PVC, i.e. the PVC will + be deleted together with the pod. The name + of the PVC will be `-` + where `` is the name from the + `PodSpec.Volumes` array entry. Pod validation + will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + \n An existing PVC with that name that is + not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume + by mistake. Starting the pod is then blocked + until the unrelated PVC is removed. If such + a pre-created PVC is meant to be used by the + pod, the PVC has to updated with an owner + reference to the pod once the pod exists. + Normally this should not be necessary, but + it may be useful when manually reconstructing + a broken cluster. \n This field is read-only + and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when + creating it. No other fields are allowed + and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged + into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains the + desired access modes the volume should + have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be + used to specify either: * An existing + VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external + controller can support the specified + data source, it will create a new + volume based on the contents of the + specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource + contents will be copied to dataSourceRef, + and dataSourceRef contents will be + copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace + is specified, then dataSourceRef will + not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any other + third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies + the object from which to populate + the volume with data, if a non-empty + volume is desired. This may be any + object from a non-empty API group + (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if + the type of the specified object matches + some installed volume populator or + dynamic provisioner. This field will + replace the functionality of the dataSource + field and as such if both fields are + non-empty, they must have the same + value. For backwards compatibility, + when namespace isn''t specified in + dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to + the same value automatically if one + of them is empty and the other is + non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t + set to the same value and must be + empty. There are three important differences + between dataSource and dataSourceRef: + * While dataSource only allows two + specific types of objects, dataSourceRef + allows any non-core object, as well + as PersistentVolumeClaim objects. + * While dataSource ignores disallowed + values (dropping them), dataSourceRef + preserves all values, and generates + an error if a disallowed value is + specified. * While dataSource only + allows local objects, dataSourceRef + allows objects in any namespaces. + (Beta) Using this field requires the + AnyVolumeDataSource feature gate to + be enabled. (Alpha) Using the namespace + field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any other + third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note + that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. + See the ReferenceGrant documentation + for details. (Alpha) This field + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the + minimum resources the volume should + have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed + to specify resource requirements that + are lower than previous value but + must still be higher than capacity + recorded in the status field of the + claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names + of resources, defined in spec.resourceClaims, + that are used by this container. + \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is + immutable. It can only be set + for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match + the name of one entry in + pod.spec.resourceClaims + of the Pod where this field + is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the + maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes + the minimum amount of compute + resources required. If Requests + is omitted for a container, it + defaults to Limits if that is + explicitly specified, otherwise + to an implementation-defined value. + Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query + over volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the + name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what + type of volume is required by the + claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and + then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors + in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world + wide identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not + both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using an + exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field + holds extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret object + is specified. If the secret object contains + more than one secret, all secrets are passed + to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This depends + on the Flocker control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset + for Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the + dataset. This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE + Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the + volume that you want to mount. Tip: Ensure + that the filesystem type is supported by the + host operating system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if + unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in + the volume that you want to mount. If omitted, + the default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for + /dev/sda is "0" (or you can leave the property + empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD + resource in GCE. Used to identify the disk + in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with a + git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the + EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory will + be the git repository. Otherwise, if specified, + the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for + the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More + info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name + that details Glusterfs topology. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing + file or directory on the host machine that is + directly exposed to the container. This is generally + used for system agents or other privileged things + that are allowed to see the host machine. Most + containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can + use host directory mounts and who can/can not + mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the + link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI + Initiator Name. If initiatorName is specified + with iscsiInterface simultaneously, new iSCSI + interface : will + be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for + iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the + host that shares a pod''s lifetime More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS + server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS + export to be mounted with read-only permissions. + Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this + volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets + host machine + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem + type to mount Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs". Implicitly inferred to be "ext4" if + unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a + Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. Directories + within the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the + key to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode + bits used to set permissions + on this file, must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the + output format of the exposed + resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts both + octal and decimal values, + JSON requires decimal values + for mode bits. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the + key to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to + project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified in + the audience of the token, and otherwise + should reject the token. The audience + defaults to the identifier of the + apiserver. + type: string + expirationSeconds: + description: expirationSeconds is + the requested duration of validity + of the service account token. As + the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. + The kubelet will start trying to + rotate the token if the token is + older than 80 percent of its time + to live or if the token is older + than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to + project the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default + is no group + type: string + readOnly: + description: readOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: registry represents a single or + multiple Quobyte Registry services specified + as a string as host:port pair (multiple entries + are separated with commas) which acts as the + central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is set + by the plugin + type: string + user: + description: user to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring + for RBDUser. Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph + monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default + is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default + is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of + the ScaleIO Protection Domain for the configured + storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that + is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 + and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, and + the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the + secret in the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume names + are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will + be used. This allows the Kubernetes name + scoping to be mirrored within StorageOS for + tighter integration. Set VolumeName to any + name to override the default behaviour. Set + to "default" if you are not using namespaces + within StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. + Must be a filesystem type supported by the + host operating system. Ex. "ext4", "xfs", + "ntfs". Implicitly inferred to be "ext4" if + unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile ID + associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + ttlSecondsAfterFinished: + description: ttlSecondsAfterFinished limits the lifetime of a + Job that has finished execution (either Complete or Failed). + If this field is set, ttlSecondsAfterFinished after the Job + finishes, it is eligible to be automatically deleted. When the + Job is being deleted, its lifecycle guarantees (e.g. finalizers) + will be honored. If this field is unset, the Job won't be automatically + deleted. If this field is set to zero, the Job becomes eligible + to be deleted immediately after it finishes. + format: int32 + type: integer + required: + - template + type: object + maxReplicaCount: + format: int32 + type: integer + minReplicaCount: + format: int32 + type: integer + pollingInterval: + format: int32 + type: integer + rollout: + description: Rollout defines the strategy for job rollouts + properties: + propagationPolicy: + type: string + strategy: + type: string + type: object + rolloutStrategy: + type: string + scalingStrategy: + description: ScalingStrategy defines the strategy of Scaling + properties: + customScalingQueueLengthDeduction: + format: int32 + type: integer + customScalingRunningJobPercentage: + type: string + multipleScalersCalculation: + type: string + pendingPodConditions: + items: + type: string + type: array + strategy: + type: string + type: object + successfulJobsHistoryLimit: + format: int32 + type: integer + triggers: + items: + description: ScaleTriggers reference the scaler that will be used + properties: + authenticationRef: + description: AuthenticationRef points to the TriggerAuthentication + or ClusterTriggerAuthentication object that is used to authenticate + the scaler with the environment + properties: + kind: + description: Kind of the resource being referred to. Defaults + to TriggerAuthentication. + type: string + name: + type: string + required: + - name + type: object + metadata: + additionalProperties: + type: string + type: object + name: + type: string + type: + type: string + useCachedMetrics: + type: boolean + required: + - metadata + - type + type: object + type: array + required: + - jobTargetRef + - triggers + type: object + status: + description: ScaledJobStatus defines the observed state of ScaledJob + properties: + Paused: + type: string + conditions: + description: Conditions an array representation to store multiple + Conditions + items: + description: Condition to store the condition state + properties: + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition + type: string + required: + - status + - type + type: object + type: array + lastActiveTime: + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: scaledobjects.keda.sh +spec: + group: keda.sh + names: + kind: ScaledObject + listKind: ScaledObjectList + plural: scaledobjects + shortNames: + - so + singular: scaledobject + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.scaleTargetKind + name: ScaleTargetKind + type: string + - jsonPath: .spec.scaleTargetRef.name + name: ScaleTargetName + type: string + - jsonPath: .spec.minReplicaCount + name: Min + type: integer + - jsonPath: .spec.maxReplicaCount + name: Max + type: integer + - jsonPath: .spec.triggers[*].type + name: Triggers + type: string + - jsonPath: .spec.triggers[*].authenticationRef.name + name: Authentication + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Active")].status + name: Active + type: string + - jsonPath: .status.conditions[?(@.type=="Fallback")].status + name: Fallback + type: string + - jsonPath: .status.conditions[?(@.type=="Paused")].status + name: Paused + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ScaledObject is a specification for a ScaledObject resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ScaledObjectSpec is the spec for a ScaledObject resource + properties: + advanced: + description: AdvancedConfig specifies advance scaling options + properties: + horizontalPodAutoscalerConfig: + description: HorizontalPodAutoscalerConfig specifies horizontal + scale config + properties: + behavior: + description: HorizontalPodAutoscalerBehavior configures the + scaling behavior of the target in both Up and Down directions + (scaleUp and scaleDown fields respectively). + properties: + scaleDown: + description: scaleDown is scaling policy for scaling Down. + If not set, the default value is to allow to scale down + to minReplicas pods, with a 300 second stabilization + window (i.e., the highest recommendation for the last + 300sec is used). + properties: + policies: + description: policies is a list of potential scaling + polices which can be used during scaling. At least + one policy must be specified, otherwise the HPAScalingRules + will be discarded as invalid + items: + description: HPAScalingPolicy is a single policy + which must hold true for a specified past interval. + properties: + periodSeconds: + description: periodSeconds specifies the window + of time for which the policy should hold true. + PeriodSeconds must be greater than zero and + less than or equal to 1800 (30 min). + format: int32 + type: integer + type: + description: type is used to specify the scaling + policy. + type: string + value: + description: value contains the amount of change + which is permitted by the policy. It must + be greater than zero + format: int32 + type: integer + required: + - periodSeconds + - type + - value + type: object + type: array + x-kubernetes-list-type: atomic + selectPolicy: + description: selectPolicy is used to specify which + policy should be used. If not set, the default value + Max is used. + type: string + stabilizationWindowSeconds: + description: 'stabilizationWindowSeconds is the number + of seconds for which past recommendations should + be considered while scaling up or scaling down. + StabilizationWindowSeconds must be greater than + or equal to zero and less than or equal to 3600 + (one hour). If not set, use the default values: + - For scale up: 0 (i.e. no stabilization is done). + - For scale down: 300 (i.e. the stabilization window + is 300 seconds long).' + format: int32 + maximum: 3600 + minimum: 0 + type: integer + type: object + scaleUp: + description: 'scaleUp is scaling policy for scaling Up. + If not set, the default value is the higher of: * increase + no more than 4 pods per 60 seconds * double the number + of pods per 60 seconds No stabilization is used.' + properties: + policies: + description: policies is a list of potential scaling + polices which can be used during scaling. At least + one policy must be specified, otherwise the HPAScalingRules + will be discarded as invalid + items: + description: HPAScalingPolicy is a single policy + which must hold true for a specified past interval. + properties: + periodSeconds: + description: periodSeconds specifies the window + of time for which the policy should hold true. + PeriodSeconds must be greater than zero and + less than or equal to 1800 (30 min). + format: int32 + type: integer + type: + description: type is used to specify the scaling + policy. + type: string + value: + description: value contains the amount of change + which is permitted by the policy. It must + be greater than zero + format: int32 + type: integer + required: + - periodSeconds + - type + - value + type: object + type: array + x-kubernetes-list-type: atomic + selectPolicy: + description: selectPolicy is used to specify which + policy should be used. If not set, the default value + Max is used. + type: string + stabilizationWindowSeconds: + description: 'stabilizationWindowSeconds is the number + of seconds for which past recommendations should + be considered while scaling up or scaling down. + StabilizationWindowSeconds must be greater than + or equal to zero and less than or equal to 3600 + (one hour). If not set, use the default values: + - For scale up: 0 (i.e. no stabilization is done). + - For scale down: 300 (i.e. the stabilization window + is 300 seconds long).' + format: int32 + maximum: 3600 + minimum: 0 + type: integer + type: object + type: object + name: + type: string + type: object + restoreToOriginalReplicaCount: + type: boolean + scalingModifiers: + description: ScalingModifiers describes advanced scaling logic + options like formula + properties: + activationTarget: + type: string + formula: + type: string + metricType: + description: MetricTargetType specifies the type of metric + being targeted, and should be either "Value", "AverageValue", + or "Utilization" + type: string + target: + type: string + type: object + type: object + cooldownPeriod: + format: int32 + type: integer + fallback: + description: Fallback is the spec for fallback options + properties: + failureThreshold: + format: int32 + type: integer + replicas: + format: int32 + type: integer + required: + - failureThreshold + - replicas + type: object + idleReplicaCount: + format: int32 + type: integer + maxReplicaCount: + format: int32 + type: integer + minReplicaCount: + format: int32 + type: integer + pollingInterval: + format: int32 + type: integer + scaleTargetRef: + description: ScaleTarget holds the reference to the scale target Object + properties: + apiVersion: + type: string + envSourceContainerName: + type: string + kind: + type: string + name: + type: string + required: + - name + type: object + triggers: + items: + description: ScaleTriggers reference the scaler that will be used + properties: + authenticationRef: + description: AuthenticationRef points to the TriggerAuthentication + or ClusterTriggerAuthentication object that is used to authenticate + the scaler with the environment + properties: + kind: + description: Kind of the resource being referred to. Defaults + to TriggerAuthentication. + type: string + name: + type: string + required: + - name + type: object + metadata: + additionalProperties: + type: string + type: object + metricType: + description: MetricTargetType specifies the type of metric being + targeted, and should be either "Value", "AverageValue", or + "Utilization" + type: string + name: + type: string + type: + type: string + useCachedMetrics: + type: boolean + required: + - metadata + - type + type: object + type: array + required: + - scaleTargetRef + - triggers + type: object + status: + description: ScaledObjectStatus is the status for a ScaledObject resource + properties: + compositeScalerName: + type: string + conditions: + description: Conditions an array representation to store multiple + Conditions + items: + description: Condition to store the condition state + properties: + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition + type: string + required: + - status + - type + type: object + type: array + externalMetricNames: + items: + type: string + type: array + health: + additionalProperties: + description: HealthStatus is the status for a ScaledObject's health + properties: + numberOfFailures: + format: int32 + type: integer + status: + description: HealthStatusType is an indication of whether the + health status is happy or failing + type: string + type: object + type: object + hpaName: + type: string + lastActiveTime: + format: date-time + type: string + originalReplicaCount: + format: int32 + type: integer + pausedReplicaCount: + format: int32 + type: integer + resourceMetricNames: + items: + type: string + type: array + scaleTargetGVKR: + description: GroupVersionKindResource provides unified structure for + schema.GroupVersionKind and Resource + properties: + group: + type: string + kind: + type: string + resource: + type: string + version: + type: string + required: + - group + - kind + - resource + - version + type: object + scaleTargetKind: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: triggerauthentications.keda.sh +spec: + group: keda.sh + names: + kind: TriggerAuthentication + listKind: TriggerAuthenticationList + plural: triggerauthentications + shortNames: + - ta + - triggerauth + singular: triggerauthentication + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.podIdentity.provider + name: PodIdentity + type: string + - jsonPath: .spec.secretTargetRef[*].name + name: Secret + type: string + - jsonPath: .spec.env[*].name + name: Env + type: string + - jsonPath: .spec.hashiCorpVault.address + name: VaultAddress + type: string + - jsonPath: .status.scaledobjects + name: ScaledObjects + priority: 1 + type: string + - jsonPath: .status.scaledjobs + name: ScaledJobs + priority: 1 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: TriggerAuthentication defines how a trigger can authenticate + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TriggerAuthenticationSpec defines the various ways to authenticate + properties: + azureKeyVault: + description: AzureKeyVault is used to authenticate using Azure Key + Vault + properties: + cloud: + properties: + activeDirectoryEndpoint: + type: string + keyVaultResourceURL: + type: string + type: + type: string + required: + - type + type: object + credentials: + properties: + clientId: + type: string + clientSecret: + properties: + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + required: + - key + - name + type: object + required: + - secretKeyRef + type: object + required: + - valueFrom + type: object + tenantId: + type: string + required: + - clientId + - clientSecret + - tenantId + type: object + podIdentity: + description: AuthPodIdentity allows users to select the platform + native identity mechanism + properties: + identityId: + type: string + provider: + description: PodIdentityProvider contains the list of providers + type: string + required: + - provider + type: object + secrets: + items: + properties: + name: + type: string + parameter: + type: string + version: + type: string + required: + - name + - parameter + type: object + type: array + vaultUri: + type: string + required: + - secrets + - vaultUri + type: object + env: + items: + description: AuthEnvironment is used to authenticate using environment + variables in the destination ScaleTarget spec + properties: + containerName: + type: string + name: + type: string + parameter: + type: string + required: + - name + - parameter + type: object + type: array + hashiCorpVault: + description: HashiCorpVault is used to authenticate using Hashicorp + Vault + properties: + address: + type: string + authentication: + description: VaultAuthentication contains the list of Hashicorp + Vault authentication methods + type: string + credential: + description: Credential defines the Hashicorp Vault credentials + depending on the authentication method + properties: + serviceAccount: + type: string + token: + type: string + type: object + mount: + type: string + namespace: + type: string + role: + type: string + secrets: + items: + description: VaultSecret defines the mapping between the path + of the secret in Vault to the parameter + properties: + key: + type: string + parameter: + type: string + path: + type: string + required: + - key + - parameter + - path + type: object + type: array + required: + - address + - authentication + - secrets + type: object + podIdentity: + description: AuthPodIdentity allows users to select the platform native + identity mechanism + properties: + identityId: + type: string + provider: + description: PodIdentityProvider contains the list of providers + type: string + required: + - provider + type: object + secretTargetRef: + items: + description: AuthSecretTargetRef is used to authenticate using a + reference to a secret + properties: + key: + type: string + name: + type: string + parameter: + type: string + required: + - key + - name + - parameter + type: object + type: array + type: object + status: + description: TriggerAuthenticationStatus defines the observed state of + TriggerAuthentication + properties: + scaledjobs: + type: string + scaledobjects: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda-olm-operator + namespace: keda +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: keda-operator + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda-olm-operator +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - namespaces + - persistentvolumeclaims + - pods + - secrets + - serviceaccounts + - services + - services/finalizers + verbs: + - '*' +- apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apiregistration.k8s.io + resources: + - apiservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - keda-olm-operator + resources: + - deployments/finalizers + verbs: + - '*' +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - '*' +- apiGroups: + - keda.sh + resources: + - kedacontrollers + - kedacontrollers/finalizers + - kedacontrollers/status + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + - servicemonitors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - '*' +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - '*' + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda-olm-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: keda-olm-operator +subjects: +- kind: ServiceAccount + name: keda-olm-operator + namespace: keda +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda-olm-operator + namespace: keda +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda-olm-operator + template: + metadata: + labels: + app.kubernetes.io/part-of: keda-olm-operator + app.kubernetes.io/version: main + name: keda-olm-operator + spec: + containers: + - args: + - --leader-elect + - --zap-log-level=info + - --zap-encoder=console + - --zap-time-encoding=rfc3339 + command: + - /manager + env: + - name: WATCH_NAMESPACE + value: keda + image: ghcr.io/kedacore/keda-olm-operator:main + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 25 + name: keda-olm-operator + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 20 + resources: + limits: + cpu: 500m + memory: 1000Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /certs + name: certificates + readOnly: true + serviceAccountName: keda-olm-operator + volumes: + - name: certificates + secret: + optional: true + secretName: kedaorg-certs diff --git a/data/kedacore_keda-olm-operator/scaledObjects-config.json b/data/kedacore_keda-olm-operator/scaledObjects-config.json new file mode 100644 index 0000000000..2d36f13884 --- /dev/null +++ b/data/kedacore_keda-olm-operator/scaledObjects-config.json @@ -0,0 +1,13 @@ +{"deploy": { + "steps": [ + { + "apply": { + "file": "data/kedacore_keda-olm-operator/operator.yaml", + "operator": true + } + } + ] +}, +"crd_name": "scaledobjects.keda.sh", +"seed_custom_resource": "data/kedacore_keda-olm-operator/scaledObjects-cr.yaml" +} \ No newline at end of file diff --git a/data/kedacore_keda-olm-operator/scaledObjects-cr.yaml b/data/kedacore_keda-olm-operator/scaledObjects-cr.yaml new file mode 100644 index 0000000000..a7b26af755 --- /dev/null +++ b/data/kedacore_keda-olm-operator/scaledObjects-cr.yaml @@ -0,0 +1,297 @@ +apiVersion: keda.sh/v1alpha1 +kind: KedaController +metadata: + name: test-cluster + namespace: keda +spec: + ### + # THERE SHOULD BE ONLY ONE INSTANCE OF THIS RESOURCE PER CLUSTER + # with Name set to 'keda' created in namespace 'keda' + ### + + ## Namespace that should be watched by KEDA, + # omit or set empty to watch all namespaces (default setting) + watchNamespace: "" + + ## KEDA Operator related config + operator: + ## Logging level for KEDA Operator + # allowed values: 'debug', 'info', 'error', or an integer value greater than 0, specified as string + # default value: info + logLevel: info + + ## Logging format for KEDA Operator + # allowed values are json and console + # default value: console + logEncoder: console + + ## Logging time encoding for KEDA Controller + # allowed values are `epoch`, `millis`, `nano`, `iso8601`, `rfc3339` or `rfc3339nano` + # default value: rfc3339 + # logTimeEncoding: rfc3339 + + ## Arbitrary arguments + # Define any argument with possibility to override already existing ones + # array of strings (format is either with prefix '--key=value' or just 'value') + # args: [] + + ## Annotations to be added to the KEDA Operator Deployment + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # deploymentAnnotations: + # annotationKey: annotationValue + + ## Labels to be added to the KEDA Operator Deployment + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # deploymentLabels: + # labelKey: labelValue + + ## Annotations to be added to the KEDA Operator Pod + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # podAnnotations: + # annotationKey: annotationValue + + ## Labels to be added to the KEDA Operator Pod + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # podLabels: + # labelKey: labelValue + + ## Node selector for pod scheduling for KEDA Operator + # https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + # nodeSelector: + # beta.kubernetes.io/os: linux + + ## Tolerations for pod scheduling for KEDA Operator + # https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + # tolerations: + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoSchedule" + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoExecute" + + ## Affinity for pod scheduling for KEDA Operator + # https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ + # affinity: + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-operator + # - keda-operator-metrics-apiserver + # topologyKey: "kubernetes.io/hostname" + + ## Pod priority for KEDA Operator + # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # priorityClassName: high-priority + + ## Manage resource requests & limits for KEDA Operator + # https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + # resourcesKedaOperator: + # requests: + # cpu: 100m + # memory: 100Mi + # limits: + # cpu: 1000m + # memory: 1000Mi + + ## KEDA Metrics Server related config + metricsServer: + ## Logging level for Metrics Server + # allowed values: "0" for info, "4" for debug, or an integer value greater than 0, specified as string + # default value: "0" + logLevel: "0" + + ## Arbitrary arguments + # Define any argument with possibility to override already existing ones + # array of strings (format is either with prefix '--key=value' or just 'value') + # args: [] + + ## Audit Config + # https://kubernetes.io/docs/tasks/debug/debug-cluster/audit/#audit-policy + # Define basic arguments for auditing log files. If needed, more complex flags + # can be set via 'Args' field manually. + # Non-empty 'policy' field is mandatory to enable logging. + # If 'logOutputVolumeClaim' is empty the audit log is printed to stdout, + # otherwise it points to the user defined PersistentVolumeClaim resource name. + # auditConfig: + # logFormat: "json" + # logOutputVolumeClaim: "persistentVolumeClaimName" + # policy: + # rules: + # - level: Metadata + # omitStages: "RequestReceived" + # omitManagedFields: false + # lifetime: + # maxAge: "2" + # maxBackup: "1" + # maxSize: "50" + + ## Annotations to be added to the KEDA Metrics Server Deployment + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # deploymentAnnotations: + # annotationKey: annotationValue + + ## Labels to be added to the KEDA Metrics Server Deployment + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # deploymentLabels: + # labelKey: labelValue + + ## Annotations to be added to the KEDA Metrics Server Pod + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # podAnnotations: + # annotationKey: annotationValue + + ## Labels to be added to the KEDA Metrics Server Pod + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # podLabels: + # labelKey: labelValue + + ## Node selector for pod scheduling for Metrics Server + # https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + # nodeSelector: + # beta.kubernetes.io/os: linux + + ## Tolerations for pod scheduling for KEDA Metrics Server + # https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + # tolerations: + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoSchedule" + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoExecute" + + ## Affinity for pod scheduling for KEDA Metrics Server + # https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ + # affinity: + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-operator + # - keda-operator-metrics-apiserver + # topologyKey: "kubernetes.io/hostname" + + ## Pod priority for KEDA Metrics Server + # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # priorityClassName: high-priority + + ## Manage resource requests & limits for KEDA Metrics Server + # https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + # resourcesKedaOperator: + # requests: + # cpu: 100m + # memory: 100Mi + # limits: + # cpu: 1000m + # memory: 1000Mi + + ## KEDA Admission Webhooks related config + admissionWebhooks: + ## Logging level for KEDA Admission Webhooks + # allowed values: 'debug', 'info', 'error', or an integer value greater than 0, specified as string + # default value: info + logLevel: info + + ## Logging format for KEDA Admission Webhooks + # allowed values are json and console + # default value: console + logEncoder: console + + ## Logging time encoding for KEDA Admission Webhooks + # allowed values are `epoch`, `millis`, `nano`, `iso8601`, `rfc3339` or `rfc3339nano` + # default value: rfc3339 + # logTimeEncoding: rfc3339 + + ## Arbitrary arguments + # Define any argument with possibility to override already existing ones. + # Array of strings (format is either with prefix '--key=value' or just 'value') + # args: [] + + ## Annotations to be added to the KEDA Admission Webhooks Deployment + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # deploymentAnnotations: + # annotationKey: annotationValue + + ## Labels to be added to the KEDA Admission Webhooks Deployment + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # deploymentLabels: + # labelKey: labelValue + + ## Annotations to be added to the KEDA Admission Webhooks Pod + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # podAnnotations: + # annotationKey: annotationValue + + ## Labels to be added to the KEDA Admission Webhooks Pod + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # podLabels: + # labelKey: labelValue + + ## Node selector for pod scheduling for KEDA Admission Webhooks + # https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ + # nodeSelector: + # beta.kubernetes.io/os: linux + + ## Tolerations for pod scheduling for KEDA Admission Webhooks + # https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ + # tolerations: + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoSchedule" + # - key: "key1" + # operator: "Equal" + # value: "value1" + # effect: "NoExecute" + + ## Affinity for pod scheduling for KEDA Admission Webhooks + # https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ + # affinity: + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app + # operator: In + # values: + # - keda-operator + # - keda-operator-metrics-apiserver + # topologyKey: "kubernetes.io/hostname" + + ## Pod priority for KEDA Admission Webhooks + # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # priorityClassName: high-priority + + ## Manage resource requests & limits for KEDA Admission Webhooks + # https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + # resourcesKedaOperator: + # requests: + # cpu: 100m + # memory: 100Mi + # limits: + # cpu: 1000m + # memory: 1000Mi + + ## KEDA ServiceAccount related config + serviceAccount: + ## Annotations to be added to the Service Account + # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # annotations: + # annotationKey: annotationValue + + ## Labels to be added to the ServiceAccount + # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + # labels: + # labelKey: labelValue From 576dc5c7497a6e1a5cf97ccc8c6324c44cd88f1d Mon Sep 17 00:00:00 2001 From: Chase Block Date: Mon, 11 Mar 2024 15:20:31 -0500 Subject: [PATCH 31/38] Add files for the grafana operator. Also modify log parser. (#344) * Add files for the grafana operator. Also modify log parser. * Rename log parser regex and add grafana's context --- acto/parse_log/parse_log.py | 12 + data/grafana_grafana-operator/config.json | 14 + data/grafana_grafana-operator/context.json | 7482 +++++++++++ .../grafana_grafana-operator/grafanas-cr.yaml | 16 + .../kustomize-cluster_scoped.yaml | 11046 ++++++++++++++++ 5 files changed, 18570 insertions(+) create mode 100644 data/grafana_grafana-operator/config.json create mode 100644 data/grafana_grafana-operator/context.json create mode 100644 data/grafana_grafana-operator/grafanas-cr.yaml create mode 100644 data/grafana_grafana-operator/kustomize-cluster_scoped.yaml diff --git a/acto/parse_log/parse_log.py b/acto/parse_log/parse_log.py index 5baac7ab43..35ba38fc82 100644 --- a/acto/parse_log/parse_log.py +++ b/acto/parse_log/parse_log.py @@ -45,6 +45,14 @@ logrus_regex += r'\s*$' # this is semi-auto generated by copilot, holy moly +# This one is similar to logr_special_regex and logrus_regex, but with some differences +# 2024-03-05T10:07:17Z ERROR GrafanaReconciler reconciler error in stage {"controller": "grafana", "controllerGroup": "grafana.integreatly.org", "controllerKind": "Grafana", "Grafana": {"name":"test-cluster","namespace":"grafana"}, "namespace": "grafana", "name": "test-cluster", "reconcileID": "5aa39e3e-d5d3-47fc-848d-c3d15dfbcc3d", "stage": "deployment", "error": "Deployment.apps \"test-cluster-deployment\" is invalid: [spec.template.spec.containers[0].image: Required value, spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].topologyKey: Required value: can not be empty, spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].topologyKey: Invalid value: \"\": name part must be non-empty, spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[0].topologyKey: Invalid value: \"\": name part must consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my.name', or '123-abc', regex used for validation is '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]')]"} +grafana_logr_regex = r'^\s*' +grafana_logr_regex += r'(\d{4}\-\d{2}\-\d{2}T\d{2}:\d{2}:\d{2}Z)' # Group 1: timestamp +grafana_logr_regex += r'\s+([A-Z]+)' # Group 2: level +grafana_logr_regex += r'\s+(\S+)' # Group 3: Source +grafana_logr_regex += r'\s+(.*?)' # Group 4: Message +grafana_logr_regex += r'\s*$' # Take up any remaining whitespace def parse_log(line: str) -> dict: '''Try to parse the log line with some predefined format @@ -89,6 +97,10 @@ def parse_log(line: str) -> dict: match = re.search(logrus_regex, line) log_line['level'] = match.group(2) log_line['msg'] = match.group(3) + elif re.search(grafana_logr_regex, line) != None: + match = re.search(grafana_logr_regex, line) + log_line['level'] = match.group(2).lower() + log_line['msg'] = match.group(4) else: try: log_line = json.loads(line) diff --git a/data/grafana_grafana-operator/config.json b/data/grafana_grafana-operator/config.json new file mode 100644 index 0000000000..b9186b630b --- /dev/null +++ b/data/grafana_grafana-operator/config.json @@ -0,0 +1,14 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/grafana_grafana-operator/kustomize-cluster_scoped.yaml", + "operator": true + } + } + ] + }, + "crd_name": "grafanas.grafana.integreatly.org", + "seed_custom_resource": "data/grafana_grafana-operator/grafanas-cr.yaml" +} diff --git a/data/grafana_grafana-operator/context.json b/data/grafana_grafana-operator/context.json new file mode 100644 index 0000000000..b87d994faf --- /dev/null +++ b/data/grafana_grafana-operator/context.json @@ -0,0 +1,7482 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.12.0" + }, + "creationTimestamp": "2024-03-04T14:25:28Z", + "generation": 1, + "name": "grafanas.grafana.integreatly.org", + "resourceVersion": "587", + "uid": "bc158928-485e-4b12-886c-e0c2f61ef732" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "grafana.integreatly.org", + "names": { + "kind": "Grafana", + "listKind": "GrafanaList", + "plural": "grafanas", + "singular": "grafana" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "jsonPath": ".status.stage", + "name": "Stage", + "type": "string" + }, + { + "jsonPath": ".status.stageStatus", + "name": "Stage status", + "type": "string" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v1beta1", + "schema": { + "openAPIV3Schema": { + "description": "Grafana is the Schema for the grafanas API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "GrafanaSpec defines the desired state of Grafana", + "properties": { + "client": { + "description": "Client defines how the grafana-operator talks to the grafana instance.", + "properties": { + "preferIngress": { + "description": "If the operator should send it's request through the grafana instances ingress object instead of through the service.", + "nullable": true, + "type": "boolean" + }, + "timeout": { + "nullable": true, + "type": "integer" + } + }, + "type": "object" + }, + "config": { + "additionalProperties": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "description": "Config defines how your grafana ini file should looks like.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "deployment": { + "description": "Deployment sets how the deployment object should look like with your grafana instance, contains a number of defaults.", + "properties": { + "metadata": { + "description": "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "minReadySeconds": { + "format": "int32", + "type": "integer" + }, + "paused": { + "type": "boolean" + }, + "progressDeadlineSeconds": { + "format": "int32", + "type": "integer" + }, + "replicas": { + "format": "int32", + "type": "integer" + }, + "revisionHistoryLimit": { + "format": "int32", + "type": "integer" + }, + "selector": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "strategy": { + "description": "DeploymentStrategy describes how to replace existing pods with new ones.", + "properties": { + "rollingUpdate": { + "description": "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be.", + "properties": { + "maxSurge": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.", + "x-kubernetes-int-or-string": true + }, + "maxUnavailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "type": { + "description": "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "template": { + "properties": { + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "spec": { + "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "activeDeadlineSeconds": { + "format": "int64", + "type": "integer" + }, + "affinity": { + "description": "If specified, the pod's scheduling constraints", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "automountServiceAccountToken": { + "description": "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.", + "type": "boolean" + }, + "containers": { + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "sleep": { + "description": "Sleep represents the duration that the container should sleep before being terminated.", + "properties": { + "seconds": { + "description": "Seconds is the number of seconds to sleep.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "seconds" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "sleep": { + "description": "Sleep represents the duration that the container should sleep before being terminated.", + "properties": { + "seconds": { + "description": "Seconds is the number of seconds to sleep.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "seconds" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "dnsConfig": { + "description": "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", + "properties": { + "nameservers": { + "description": "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "description": "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", + "items": { + "description": "PodDNSConfigOption defines DNS resolver options of a pod.", + "properties": { + "name": { + "description": "Required.", + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "searches": { + "description": "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "dnsPolicy": { + "description": "DNSPolicy defines how a pod's DNS will be configured.", + "type": "string" + }, + "enableServiceLinks": { + "description": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", + "type": "boolean" + }, + "ephemeralContainers": { + "items": { + "description": "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Lifecycle is not allowed for ephemeral containers.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "sleep": { + "description": "Sleep represents the duration that the container should sleep before being terminated.", + "properties": { + "seconds": { + "description": "Seconds is the number of seconds to sleep.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "seconds" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "sleep": { + "description": "Sleep represents the duration that the container should sleep before being terminated.", + "properties": { + "seconds": { + "description": "Seconds is the number of seconds to sleep.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "seconds" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers.", + "type": "string" + }, + "ports": { + "description": "Ports are not allowed for ephemeral containers.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", + "type": "string" + }, + "securityContext": { + "description": "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "targetContainerName": { + "description": "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.", + "type": "string" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "hostAliases": { + "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + "items": { + "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", + "properties": { + "hostnames": { + "description": "Hostnames for the above IP address.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ip": { + "description": "IP address of the host file entry.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "hostIPC": { + "description": "Use the host's ipc namespace. Optional: Default to false.", + "type": "boolean" + }, + "hostNetwork": { + "description": "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + "type": "boolean" + }, + "hostPID": { + "description": "Use the host's pid namespace. Optional: Default to false.", + "type": "boolean" + }, + "hostUsers": { + "description": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.", + "type": "boolean" + }, + "hostname": { + "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.", + "type": "string" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "initContainers": { + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "sleep": { + "description": "Sleep represents the duration that the container should sleep before being terminated.", + "properties": { + "seconds": { + "description": "Seconds is the number of seconds to sleep.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "seconds" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "sleep": { + "description": "Sleep represents the duration that the container should sleep before being terminated.", + "properties": { + "seconds": { + "description": "Seconds is the number of seconds to sleep.", + "format": "int64", + "type": "integer" + } + }, + "required": [ + "seconds" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resizePolicy": { + "description": "Resources resize policy for the container.", + "items": { + "description": "ContainerResizePolicy represents resource resize policy for the container.", + "properties": { + "resourceName": { + "description": "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.", + "type": "string" + }, + "restartPolicy": { + "description": "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.", + "type": "string" + } + }, + "required": [ + "resourceName", + "restartPolicy" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "restartPolicy": { + "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "nodeName": { + "description": "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "os": { + "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. \n If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions \n If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + "properties": { + "name": { + "description": "Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "overhead": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md", + "type": "object" + }, + "preemptionPolicy": { + "description": "PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.", + "type": "string" + }, + "priority": { + "description": "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.", + "format": "int32", + "type": "integer" + }, + "priorityClassName": { + "description": "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.", + "type": "string" + }, + "readinessGates": { + "description": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", + "items": { + "description": "PodReadinessGate contains the reference to a pod condition", + "properties": { + "conditionType": { + "description": "ConditionType refers to a condition in the pod's condition list with matching type.", + "type": "string" + } + }, + "required": [ + "conditionType" + ], + "type": "object" + }, + "type": "array" + }, + "restartPolicy": { + "description": "RestartPolicy describes how the container should be restarted. Only one of the following restart policies may be specified. If none of the following policies is specified, the default one is RestartPolicyAlways.", + "type": "string" + }, + "runtimeClassName": { + "description": "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class", + "type": "string" + }, + "schedulerName": { + "description": "If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.", + "type": "string" + }, + "securityContext": { + "description": "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type.", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccount": { + "description": "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + "type": "string" + }, + "serviceAccountName": { + "description": "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", + "type": "string" + }, + "setHostnameAsFQDN": { + "description": "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + "type": "boolean" + }, + "shareProcessNamespace": { + "description": "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false.", + "type": "boolean" + }, + "subdomain": { + "description": "If specified, the fully qualified Pod hostname will be \"...svc.\". If not specified, the pod will not have a domainname at all.", + "type": "string" + }, + "terminationGracePeriodSeconds": { + "format": "int64", + "type": "integer" + }, + "tolerations": { + "description": "If specified, the pod's tolerations.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "description": "TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.", + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "minDomains": { + "description": "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + "format": "int32", + "type": "integer" + }, + "nodeAffinityPolicy": { + "description": "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "nodeTaintsPolicy": { + "description": "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "topologyKey", + "whenUnsatisfiable" + ], + "x-kubernetes-list-type": "map" + }, + "volumes": { + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeAttributesClassName": { + "description": "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "clusterTrustBundle": { + "description": "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.", + "properties": { + "labelSelector": { + "description": "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\".", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "name": { + "description": "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.", + "type": "string" + }, + "optional": { + "description": "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.", + "type": "boolean" + }, + "path": { + "description": "Relative path from the volume root to write the bundle.", + "type": "string" + }, + "signerName": { + "description": "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "external": { + "description": "External enables you to configure external grafana instances that is not managed by the operator.", + "properties": { + "adminPassword": { + "description": "AdminPassword key to talk to the external grafana instance.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "adminUser": { + "description": "AdminUser key to talk to the external grafana instance.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "apiKey": { + "description": "The API key to talk to the external grafana instance, you need to define ether apiKey or adminUser/adminPassword.", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "url": { + "description": "URL of the external grafana instance you want to manage.", + "type": "string" + } + }, + "required": [ + "url" + ], + "type": "object" + }, + "ingress": { + "description": "Ingress sets how the ingress object should look like with your grafana instance.", + "properties": { + "metadata": { + "description": "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "spec": { + "description": "IngressSpec describes the Ingress the user wishes to exist.", + "properties": { + "defaultBackend": { + "description": "defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller.", + "properties": { + "resource": { + "description": "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\".", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "service": { + "description": "service references a service as a backend. This is a mutually exclusive setting with \"Resource\".", + "properties": { + "name": { + "description": "name is the referenced service. The service must exist in the same namespace as the Ingress object.", + "type": "string" + }, + "port": { + "description": "port of the referenced service. A port name or port number is required for a IngressServiceBackend.", + "properties": { + "name": { + "description": "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", + "type": "string" + }, + "number": { + "description": "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "ingressClassName": { + "description": "ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present.", + "type": "string" + }, + "rules": { + "description": "rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", + "items": { + "description": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", + "properties": { + "host": { + "description": "host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. \n host can be \"precise\" which is a domain name without the terminating dot of a network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name prefixed with a single wildcard label (e.g. \"*.foo.com\"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule.", + "type": "string" + }, + "http": { + "description": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", + "properties": { + "paths": { + "description": "paths is a collection of paths that map requests to backends.", + "items": { + "description": "HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.", + "properties": { + "backend": { + "description": "backend defines the referenced service endpoint to which the traffic will be forwarded to.", + "properties": { + "resource": { + "description": "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\".", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "service": { + "description": "service references a service as a backend. This is a mutually exclusive setting with \"Resource\".", + "properties": { + "name": { + "description": "name is the referenced service. The service must exist in the same namespace as the Ingress object.", + "type": "string" + }, + "port": { + "description": "port of the referenced service. A port name or port number is required for a IngressServiceBackend.", + "properties": { + "name": { + "description": "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", + "type": "string" + }, + "number": { + "description": "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "path": { + "description": "path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value \"Exact\" or \"Prefix\".", + "type": "string" + }, + "pathType": { + "description": "pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element basis. A path element refers is the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the request path. Note that if the last element of the path is a substring of the last element in request path, it is not a match (e.g. /foo/bar matches /foo/bar/baz, but does not match /foo/barbaz). * ImplementationSpecific: Interpretation of the Path matching is up to the IngressClass. Implementations can treat this as a separate PathType or treat it identically to Prefix or Exact path types. Implementations are required to support all path types.", + "type": "string" + } + }, + "required": [ + "backend", + "pathType" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "paths" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "tls": { + "description": "tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "jsonnet": { + "properties": { + "libraryLabelSelector": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "persistentVolumeClaim": { + "description": "PersistentVolumeClaim creates a PVC if you need to attach one to your grafana instance.", + "properties": { + "metadata": { + "description": "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "accessModes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resources": { + "description": "ResourceRequirements describes the compute resource requirements.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "type": "string" + }, + "volumeMode": { + "description": "PersistentVolumeMode describes how a volume is intended to be consumed, either Block or Filesystem.", + "type": "string" + }, + "volumeName": { + "description": "VolumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "preferences": { + "description": "Preferences holds the Grafana Preferences settings", + "properties": { + "homeDashboardUid": { + "type": "string" + } + }, + "type": "object" + }, + "route": { + "description": "Route sets how the ingress object should look like with your grafana instance, this only works in Openshift.", + "properties": { + "metadata": { + "description": "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "alternateBackends": { + "items": { + "description": "RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' kind is allowed. Use 'weight' field to emphasize one over others.", + "properties": { + "kind": { + "description": "The kind of target that the route is referring to. Currently, only 'Service' is allowed", + "type": "string" + }, + "name": { + "description": "name of the service/target that is being referred to. e.g. name of the service", + "type": "string" + }, + "weight": { + "description": "weight as an integer between 0 and 256, default 100, that specifies the target's relative weight against other target reference objects. 0 suppresses requests to this backend.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "kind", + "name", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "host": { + "type": "string" + }, + "path": { + "type": "string" + }, + "port": { + "description": "RoutePort defines a port mapping from a router to an endpoint in the service endpoints.", + "properties": { + "targetPort": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The target port on pods selected by the service this route points to. If this is a string, it will be looked up as a named port in the target endpoints port list. Required", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "targetPort" + ], + "type": "object" + }, + "tls": { + "description": "TLSConfig defines config used to secure a route and provide termination", + "properties": { + "caCertificate": { + "description": "caCertificate provides the cert authority certificate contents", + "type": "string" + }, + "certificate": { + "description": "certificate provides certificate contents", + "type": "string" + }, + "destinationCACertificate": { + "description": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", + "type": "string" + }, + "insecureEdgeTerminationPolicy": { + "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "type": "string" + }, + "key": { + "description": "key provides key file contents", + "type": "string" + }, + "termination": { + "description": "termination indicates termination type.", + "type": "string" + } + }, + "required": [ + "termination" + ], + "type": "object" + }, + "to": { + "description": "RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' kind is allowed. Use 'weight' field to emphasize one over others.", + "properties": { + "kind": { + "description": "The kind of target that the route is referring to. Currently, only 'Service' is allowed", + "type": "string" + }, + "name": { + "description": "name of the service/target that is being referred to. e.g. name of the service", + "type": "string" + }, + "weight": { + "description": "weight as an integer between 0 and 256, default 100, that specifies the target's relative weight against other target reference objects. 0 suppresses requests to this backend.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "kind", + "name", + "weight" + ], + "type": "object" + }, + "wildcardPolicy": { + "description": "WildcardPolicyType indicates the type of wildcard support needed by routes.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "service": { + "description": "Service sets how the service object should look like with your grafana instance, contains a number of defaults.", + "properties": { + "metadata": { + "description": "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "spec": { + "description": "ServiceSpec describes the attributes that a user creates on a service.", + "properties": { + "allocateLoadBalancerNodePorts": { + "description": "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.", + "type": "boolean" + }, + "clusterIP": { + "description": "clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "clusterIPs": { + "description": "ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. \n This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "externalIPs": { + "description": "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", + "items": { + "type": "string" + }, + "type": "array" + }, + "externalName": { + "description": "externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\".", + "type": "string" + }, + "externalTrafficPolicy": { + "description": "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.", + "type": "string" + }, + "healthCheckNodePort": { + "description": "healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.", + "format": "int32", + "type": "integer" + }, + "internalTrafficPolicy": { + "description": "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).", + "type": "string" + }, + "ipFamilies": { + "description": "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName. \n This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.", + "items": { + "description": "IPFamily represents the IP Family (IPv4 or IPv6). This type is used to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies).", + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "ipFamilyPolicy": { + "description": "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.", + "type": "string" + }, + "loadBalancerClass": { + "description": "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.", + "type": "string" + }, + "loadBalancerIP": { + "description": "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations. Using it is non-portable and it may not support dual-stack. Users are encouraged to use implementation-specific annotations when available.", + "type": "string" + }, + "loadBalancerSourceRanges": { + "description": "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", + "items": { + "type": "string" + }, + "type": "array" + }, + "ports": { + "description": "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "description": "ServicePort contains information on service's port.", + "properties": { + "appProtocol": { + "description": "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either: \n * Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). \n * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 \n * Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.", + "type": "string" + }, + "name": { + "description": "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service.", + "type": "string" + }, + "nodePort": { + "description": "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport", + "format": "int32", + "type": "integer" + }, + "port": { + "description": "The port that will be exposed by this service.", + "format": "int32", + "type": "integer" + }, + "protocol": { + "default": "TCP", + "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.", + "type": "string" + }, + "targetPort": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "port", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "publishNotReadyAddresses": { + "description": "publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior.", + "type": "boolean" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sessionAffinity": { + "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "sessionAffinityConfig": { + "description": "sessionAffinityConfig contains the configurations of session affinity.", + "properties": { + "clientIP": { + "description": "clientIP contains the configurations of Client IP based session affinity.", + "properties": { + "timeoutSeconds": { + "description": "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccount": { + "description": "ServiceAccount sets how the ServiceAccount object should look like with your grafana instance, contains a number of defaults.", + "properties": { + "automountServiceAccountToken": { + "type": "boolean" + }, + "imagePullSecrets": { + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "metadata": { + "description": "ObjectMeta contains only a [subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta).", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "secrets": { + "items": { + "description": "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "fieldPath": { + "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.", + "type": "string" + }, + "kind": { + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "type": "string" + }, + "resourceVersion": { + "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "uid": { + "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "status": { + "description": "GrafanaStatus defines the observed state of Grafana", + "properties": { + "adminUrl": { + "type": "string" + }, + "dashboards": { + "items": { + "type": "string" + }, + "type": "array" + }, + "datasources": { + "items": { + "type": "string" + }, + "type": "array" + }, + "folders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "lastMessage": { + "type": "string" + }, + "stage": { + "type": "string" + }, + "stageStatus": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "Grafana", + "listKind": "GrafanaList", + "plural": "grafanas", + "singular": "grafana" + }, + "conditions": [ + { + "lastTransitionTime": "2024-03-04T14:25:29Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-03-04T14:25:29Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1beta1" + ] + } + }, + "group": "grafana.integreatly.org", + "plural": "grafanas", + "version": "v1beta1" + }, + "learnrun_time": 189.47216844558716, + "namespace": "grafana", + "preload_images": [ + "ghcr.io/grafana/grafana-operator:v5.6.3", + "docker.io/grafana/grafana:9.1.6" + ], + "static_analysis_time": 7.62939453125e-06 +} \ No newline at end of file diff --git a/data/grafana_grafana-operator/grafanas-cr.yaml b/data/grafana_grafana-operator/grafanas-cr.yaml new file mode 100644 index 0000000000..fae6f2d4e2 --- /dev/null +++ b/data/grafana_grafana-operator/grafanas-cr.yaml @@ -0,0 +1,16 @@ +apiVersion: grafana.integreatly.org/v1beta1 +kind: Grafana +metadata: + name: test-cluster + labels: + dashboards: "grafana" + folders: "grafana" +spec: + config: + security: + admin_user: root + admin_password: start + log: + mode: "console" + auth: + disable_login_form: "false" diff --git a/data/grafana_grafana-operator/kustomize-cluster_scoped.yaml b/data/grafana_grafana-operator/kustomize-cluster_scoped.yaml new file mode 100644 index 0000000000..c8a2b005db --- /dev/null +++ b/data/grafana_grafana-operator/kustomize-cluster_scoped.yaml @@ -0,0 +1,11046 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: grafana +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: grafanadashboards.grafana.integreatly.org +spec: + group: grafana.integreatly.org + names: + kind: GrafanaDashboard + listKind: GrafanaDashboardList + plural: grafanadashboards + singular: grafanadashboard + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.NoMatchingInstances + name: No matching instances + type: boolean + - format: date-time + jsonPath: .status.lastResync + name: Last resync + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: GrafanaDashboard is the Schema for the grafanadashboards API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GrafanaDashboardSpec defines the desired state of GrafanaDashboard + properties: + allowCrossNamespaceImport: + description: allow to import this resources from an operator in a + different namespace + type: boolean + configMapRef: + description: dashboard from configmap + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + contentCacheDuration: + description: Cache duration for dashboards fetched from URLs + type: string + datasources: + description: maps required data sources to existing ones + items: + properties: + datasourceName: + type: string + inputName: + type: string + required: + - datasourceName + - inputName + type: object + type: array + envFrom: + description: environments variables from secrets or config maps + items: + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + description: environments variables as a map + items: + properties: + name: + type: string + value: + description: Inline evn value + type: string + valueFrom: + description: Reference on value source, might be the reference + on a secret or config map + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + folder: + description: folder assignment for dashboard + type: string + grafanaCom: + description: grafana.com/dashboards + properties: + id: + type: integer + revision: + type: integer + required: + - id + type: object + gzipJson: + description: GzipJson the dashboard's JSON compressed with Gzip. Base64-encoded + when in YAML. + format: byte + type: string + instanceSelector: + description: selects Grafanas for import + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + json: + description: dashboard json + type: string + jsonnet: + description: Jsonnet + type: string + jsonnetLib: + description: Jsonnet project build + properties: + fileName: + type: string + gzipJsonnetProject: + format: byte + type: string + jPath: + items: + type: string + type: array + required: + - fileName + - gzipJsonnetProject + type: object + plugins: + description: plugins + items: + properties: + name: + type: string + version: + type: string + required: + - name + - version + type: object + type: array + resyncPeriod: + description: how often the dashboard is refreshed, defaults to 5m + if not set + type: string + url: + description: dashboard url + type: string + required: + - instanceSelector + type: object + status: + description: GrafanaDashboardStatus defines the observed state of GrafanaDashboard + properties: + NoMatchingInstances: + description: The dashboard instanceSelector can't find matching grafana + instances + type: boolean + contentCache: + format: byte + type: string + contentTimestamp: + format: date-time + type: string + contentUrl: + type: string + hash: + type: string + lastResync: + description: Last time the dashboard was resynced + format: date-time + type: string + uid: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: grafanadatasources.grafana.integreatly.org +spec: + group: grafana.integreatly.org + names: + kind: GrafanaDatasource + listKind: GrafanaDatasourceList + plural: grafanadatasources + singular: grafanadatasource + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.NoMatchingInstances + name: No matching instances + type: boolean + - format: date-time + jsonPath: .status.lastResync + name: Last resync + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: GrafanaDatasource is the Schema for the grafanadatasources API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GrafanaDatasourceSpec defines the desired state of GrafanaDatasource + properties: + allowCrossNamespaceImport: + description: allow to import this resources from an operator in a + different namespace + type: boolean + datasource: + properties: + access: + type: string + basicAuth: + type: boolean + basicAuthUser: + type: string + database: + type: string + editable: + type: boolean + isDefault: + type: boolean + jsonData: + type: object + x-kubernetes-preserve-unknown-fields: true + name: + type: string + orgId: + format: int64 + type: integer + secureJsonData: + type: object + x-kubernetes-preserve-unknown-fields: true + type: + type: string + uid: + type: string + url: + type: string + user: + type: string + type: object + instanceSelector: + description: selects Grafana instances for import + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + plugins: + description: plugins + items: + properties: + name: + type: string + version: + type: string + required: + - name + - version + type: object + type: array + resyncPeriod: + description: how often the datasource is refreshed, defaults to 5m + if not set + type: string + valuesFrom: + description: environments variables from secrets or config maps + items: + properties: + targetPath: + type: string + valueFrom: + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - targetPath + - valueFrom + type: object + type: array + required: + - datasource + - instanceSelector + type: object + status: + description: GrafanaDatasourceStatus defines the observed state of GrafanaDatasource + properties: + NoMatchingInstances: + description: The datasource instanceSelector can't find matching grafana + instances + type: boolean + hash: + type: string + lastMessage: + type: string + lastResync: + description: Last time the datasource was resynced + format: date-time + type: string + uid: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: grafanafolders.grafana.integreatly.org +spec: + group: grafana.integreatly.org + names: + kind: GrafanaFolder + listKind: GrafanaFolderList + plural: grafanafolders + singular: grafanafolder + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.NoMatchingInstances + name: No matching instances + type: boolean + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: GrafanaFolder is the Schema for the grafanafolders API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GrafanaFolderSpec defines the desired state of GrafanaFolder + properties: + allowCrossNamespaceImport: + description: allow to import this resources from an operator in a + different namespace + type: boolean + instanceSelector: + description: selects Grafanas for import + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + permissions: + description: raw json with folder permissions + type: string + resyncPeriod: + description: how often the folder is synced, defaults to 5m if not + set + type: string + title: + type: string + required: + - instanceSelector + type: object + status: + description: GrafanaFolderStatus defines the observed state of GrafanaFolder + properties: + NoMatchingInstances: + description: The folder instanceSelector can't find matching grafana + instances + type: boolean + hash: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + type: string + lastResync: + description: Last time the folder was resynced + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: grafanas.grafana.integreatly.org +spec: + group: grafana.integreatly.org + names: + kind: Grafana + listKind: GrafanaList + plural: grafanas + singular: grafana + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.stage + name: Stage + type: string + - jsonPath: .status.stageStatus + name: Stage status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Grafana is the Schema for the grafanas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GrafanaSpec defines the desired state of Grafana + properties: + client: + description: Client defines how the grafana-operator talks to the + grafana instance. + properties: + preferIngress: + description: If the operator should send it's request through + the grafana instances ingress object instead of through the + service. + nullable: true + type: boolean + timeout: + nullable: true + type: integer + type: object + config: + additionalProperties: + additionalProperties: + type: string + type: object + description: Config defines how your grafana ini file should looks + like. + type: object + x-kubernetes-preserve-unknown-fields: true + deployment: + description: Deployment sets how the deployment object should look + like with your grafana instance, contains a number of defaults. + properties: + metadata: + description: ObjectMeta contains only a [subset of the fields + included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta). + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + minReadySeconds: + format: int32 + type: integer + paused: + type: boolean + progressDeadlineSeconds: + format: int32 + type: integer + replicas: + format: int32 + type: integer + revisionHistoryLimit: + format: int32 + type: integer + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: DeploymentStrategy describes how to replace existing + pods with new ones. + properties: + rollingUpdate: + description: 'Rolling update config params. Present only + if DeploymentStrategyType = RollingUpdate. --- TODO: + Update this to follow our convention for oneOf, whatever + we decide it to be.' + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of pods that can + be scheduled above the desired number of pods. Value + can be an absolute number (ex: 5) or a percentage + of desired pods (ex: 10%). This can not be 0 if + MaxUnavailable is 0. Absolute number is calculated + from percentage by rounding up. Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet + can be scaled up immediately when the rolling update + starts, such that the total number of old and new + pods do not exceed 130% of desired pods. Once old + pods have been killed, new ReplicaSet can be scaled + up further, ensuring that total number of pods running + at any time during the update is at most 130% of + desired pods.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of pods that can + be unavailable during the update. Value can be an + absolute number (ex: 5) or a percentage of desired + pods (ex: 10%). Absolute number is calculated from + percentage by rounding down. This can not be 0 if + MaxSurge is 0. Defaults to 25%. Example: when this + is set to 30%, the old ReplicaSet can be scaled + down to 70% of desired pods immediately when the + rolling update starts. Once new pods are ready, + old ReplicaSet can be scaled down further, followed + by scaling up the new ReplicaSet, ensuring that + the total number of pods available at all times + during the update is at least 70% of desired pods.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Can be "Recreate" or + "RollingUpdate". Default is RollingUpdate. + type: string + type: object + template: + properties: + metadata: + description: 'Standard object''s metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + description: 'Specification of the desired behavior of + the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this field, + but it may choose a node that violates one + or more of the expressions. The node that + is most preferred is the one with the greatest + sum of weights, i.e. for each node that + meets all of the scheduling requirements + (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum + by iterating through the elements of this + field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the + most preferred. + items: + description: An empty preferred scheduling + term matches all objects with implicit + weight 0 (i.e. it's a no-op). A null preferred + scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + items: + description: A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector + requirements by node's fields. + items: + description: A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with + matching the corresponding nodeSelectorTerm, + in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto + the node. If the affinity requirements specified + by this field cease to be met at some point + during pod execution (e.g. due to an update), + the system may or may not try to eventually + evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node + selector terms. The terms are ORed. + items: + description: A null or empty node selector + term matches no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + items: + description: A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector + requirements by node's fields. + items: + description: A node selector requirement + is a selector that contains + values, a key, and an operator + that relates the key and values. + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents a + key's relationship to a + set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string + values. If the operator + is In or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the values + array must be empty. If + the operator is Gt or Lt, + the values array must have + a single element, which + will be interpreted as an + integer. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the same node, + zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this field, + but it may choose a node that violates one + or more of the expressions. The node that + is most preferred is the one with the greatest + sum of weights, i.e. for each node that + meets all of the scheduling requirements + (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum + by iterating through the elements of this + field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest + sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added + per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity + term, associated with the corresponding + weight. + properties: + labelSelector: + description: A label query over + a set of resources, in this case + pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a + set of pod label keys to select + which pods will be taken into + consideration. The keys are used + to lookup values from the incoming + pod labels, those key-value labels + are merged with `LabelSelector` + as `key in (value)` to select + the group of existing pods which + pods will be taken into consideration + for the incoming pod's pod (anti) + affinity. Keys that don't exist + in the incoming pod labels will + be ignored. The default value + is empty. The same key is forbidden + to exist in both MatchLabelKeys + and LabelSelector. Also, MatchLabelKeys + cannot be set when LabelSelector + isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is + a set of pod label keys to select + which pods will be taken into + consideration. The keys are used + to lookup values from the incoming + pod labels, those key-value labels + are merged with `LabelSelector` + as `key notin (value)` to select + the group of existing pods which + pods will be taken into consideration + for the incoming pod's pod (anti) + affinity. Keys that don't exist + in the incoming pod labels will + be ignored. The default value + is empty. The same key is forbidden + to exist in both MismatchLabelKeys + and LabelSelector. Also, MismatchLabelKeys + cannot be set when LabelSelector + isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over + the set of namespaces that the + term applies to. The term is applied + to the union of the namespaces + selected by this field and the + ones listed in the namespaces + field. null selector and null + or empty namespaces list means + "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies + a static list of namespace names + that the term applies to. The + term is applied to the union of + the namespaces listed in this + field and the ones selected by + namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be + co-located (affinity) or not co-located + (anti-affinity) with the pods + matching the labelSelector in + the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto + the node. If the affinity requirements specified + by this field cease to be met at some point + during pod execution (e.g. due to a pod + label update), the system may or may not + try to eventually evict the pod from its + node. When there are multiple elements, + the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this pod + should be co-located (affinity) or not + co-located (anti-affinity) with, where + co-located is defined as running on a + node whose value of the label with key + matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set + of resources, in this case pods. If + it's null, this PodAffinityTerm matches + with no Pods. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set + of pod label keys to select which + pods will be taken into consideration. + The keys are used to lookup values + from the incoming pod labels, those + key-value labels are merged with `LabelSelector` + as `key in (value)` to select the + group of existing pods which pods + will be taken into consideration for + the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming + pod labels will be ignored. The default + value is empty. The same key is forbidden + to exist in both MatchLabelKeys and + LabelSelector. Also, MatchLabelKeys + cannot be set when LabelSelector isn't + set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a + set of pod label keys to select which + pods will be taken into consideration. + The keys are used to lookup values + from the incoming pod labels, those + key-value labels are merged with `LabelSelector` + as `key notin (value)` to select the + group of existing pods which pods + will be taken into consideration for + the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming + pod labels will be ignored. The default + value is empty. The same key is forbidden + to exist in both MismatchLabelKeys + and LabelSelector. Also, MismatchLabelKeys + cannot be set when LabelSelector isn't + set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the + set of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's + namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a + static list of namespace names that + the term applies to. The term is applied + to the union of the namespaces listed + in this field and the ones selected + by namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running on + a node whose value of the label with + key topologyKey matches that of any + node on which any of the selected + pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the same + node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + anti-affinity expressions specified by this + field, but it may choose a node that violates + one or more of the expressions. The node + that is most preferred is the one with the + greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" to the + sum if the node has pods which matches the + corresponding podAffinityTerm; the node(s) + with the highest sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added + per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity + term, associated with the corresponding + weight. + properties: + labelSelector: + description: A label query over + a set of resources, in this case + pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a + set of pod label keys to select + which pods will be taken into + consideration. The keys are used + to lookup values from the incoming + pod labels, those key-value labels + are merged with `LabelSelector` + as `key in (value)` to select + the group of existing pods which + pods will be taken into consideration + for the incoming pod's pod (anti) + affinity. Keys that don't exist + in the incoming pod labels will + be ignored. The default value + is empty. The same key is forbidden + to exist in both MatchLabelKeys + and LabelSelector. Also, MatchLabelKeys + cannot be set when LabelSelector + isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is + a set of pod label keys to select + which pods will be taken into + consideration. The keys are used + to lookup values from the incoming + pod labels, those key-value labels + are merged with `LabelSelector` + as `key notin (value)` to select + the group of existing pods which + pods will be taken into consideration + for the incoming pod's pod (anti) + affinity. Keys that don't exist + in the incoming pod labels will + be ignored. The default value + is empty. The same key is forbidden + to exist in both MismatchLabelKeys + and LabelSelector. Also, MismatchLabelKeys + cannot be set when LabelSelector + isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over + the set of namespaces that the + term applies to. The term is applied + to the union of the namespaces + selected by this field and the + ones listed in the namespaces + field. null selector and null + or empty namespaces list means + "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies + a static list of namespace names + that the term applies to. The + term is applied to the union of + the namespaces listed in this + field and the ones selected by + namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be + co-located (affinity) or not co-located + (anti-affinity) with the pods + matching the labelSelector in + the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements + specified by this field are not met at scheduling + time, the pod will not be scheduled onto + the node. If the anti-affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to a pod label update), the system may + or may not try to eventually evict the pod + from its node. When there are multiple elements, + the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this pod + should be co-located (affinity) or not + co-located (anti-affinity) with, where + co-located is defined as running on a + node whose value of the label with key + matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set + of resources, in this case pods. If + it's null, this PodAffinityTerm matches + with no Pods. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set + of pod label keys to select which + pods will be taken into consideration. + The keys are used to lookup values + from the incoming pod labels, those + key-value labels are merged with `LabelSelector` + as `key in (value)` to select the + group of existing pods which pods + will be taken into consideration for + the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming + pod labels will be ignored. The default + value is empty. The same key is forbidden + to exist in both MatchLabelKeys and + LabelSelector. Also, MatchLabelKeys + cannot be set when LabelSelector isn't + set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a + set of pod label keys to select which + pods will be taken into consideration. + The keys are used to lookup values + from the incoming pod labels, those + key-value labels are merged with `LabelSelector` + as `key notin (value)` to select the + group of existing pods which pods + will be taken into consideration for + the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming + pod labels will be ignored. The default + value is empty. The same key is forbidden + to exist in both MismatchLabelKeys + and LabelSelector. Also, MismatchLabelKeys + cannot be set when LabelSelector isn't + set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the + set of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's + namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector + requirement is a selector that + contains values, a key, and + an operator that relates the + key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In or + NotIn, the values array + must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be + empty. This array is replaced + during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator is + "In", and the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a + static list of namespace names that + the term applies to. The term is applied + to the union of the namespaces listed + in this field and the ones selected + by namespaceSelector. null or empty + namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running on + a node whose value of the label with + key topologyKey matches that of any + node on which any of the selected + pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + description: AutomountServiceAccountToken indicates + whether a service account token should be automatically + mounted. + type: boolean + containers: + items: + description: A single application container that + you want to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The + container image''s CMD is used if this is + not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. + If a variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed + within a shell. The container image''s ENTRYPOINT + is used if this is not provided. Variable + references $(VAR_NAME) are expanded using + the container''s environment. If a variable + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to + set in the container. Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. Double $$ are reduced to + a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined + within a source must be a C_IDENTIFIER. All + invalid keys will be reported as an event + when the container is starting. When a key + exists in multiple sources, the value associated + with the last source will take precedence. + Values defined by an Env with a duplicate + key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the + source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to + prepend to each key in the ConfigMap. + Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: + https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level + config management to default or override container + images in workload controllers like Deployments + and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if + :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system + should take in response to container lifecycle + events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and + restarted according to its restart policy. + Other management of the container blocks + until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action + to take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood + as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the + HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number + of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name + to connect to, defaults to the + pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately + before a container is terminated due to + an API request or management event such + as liveness/startup probe failure, preemption, + resource contention, etc. The handler + is not called if the container crashes + or exits. The Pod''s termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod''s termination + grace period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes or until the + termination grace period is reached. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action + to take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood + as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the + HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number + of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name + to connect to, defaults to the + pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified + as a DNS_LABEL. Each container in a pod must + have a unique name (DNS_LABEL). Cannot be + updated. + type: string + ports: + description: List of ports to expose from the + container. Not specifying a port here DOES + NOT prevent that port from being exposed. + Any port which is listening on the default + "0.0.0.0" address inside a container will + be accessible from the network. Modifying + this array with strategic merge patch may + corrupt the data. For more information See + https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: Number of port to expose + on the pod's IP address. This must be + a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the + external port to. + type: string + hostPort: + description: Number of port to expose + on the host. If specified, this must + be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must + match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be + an IANA_SVC_NAME and unique within the + pod. Each named port in a pod must have + a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be + UDP, TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service + readiness. Container will be removed from + service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the + container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to + which this resource resize policy applies. + Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when + specified resource is resized. If not + specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by + this container. Cannot be updated. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. \n This + is an alpha field and requires enabling + the DynamicResourceAllocation feature + gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart + behavior of individual containers in a pod. + This field may only be set for init containers, + and the only allowed value is "Always". For + non-init containers or when this field is + not specified, the restart behavior is defined + by the Pod''s restart policy and the container + type. Setting the RestartPolicy as "Always" + for the init container will have the following + effect: this init container will be continually + restarted on exit until all regular containers + have terminated. Once all regular containers + have completed, all init containers with restartPolicy + "Always" will be shut down. This lifecycle + differs from normal init containers and is + often referred to as a "sidecar" container. + Although this init container still starts + in the init container sequence, it does not + wait for the container to complete before + proceeding to the next init container. Instead, + the next init container starts immediately + after this init container is started, or after + any startupProbe has successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security + options the container should be run with. + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: + 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when + spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop + when running containers. Defaults to the + default set of capabilities granted by + the container runtime. Note that this + field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent + POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent + POSIX capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged + mode. Processes in privileged containers + are essentially equivalent to root on + the host. Defaults to false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: procMount denotes the type + of proc mount to use for the containers. + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. This + requires the ProcMountType feature flag + to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has + a read-only root filesystem. Default is + false. Note that this field cannot be + set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint + of the container process. Uses runtime + default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container + must run as a non-root user. If true, + the Kubelet will validate the image at + runtime to ensure that it does not run + as UID 0 (root) and fail to start the + container if it does. If unset or false, + no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint + of the container process. Defaults to + user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to the container. If unspecified, the + container runtime will allocate a random + SELinux context for each container. May + also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level + label that applies to the container. + type: string + role: + description: Role is a SELinux role + label that applies to the container. + type: string + type: + description: Type is a SELinux type + label that applies to the container. + type: string + user: + description: User is a SELinux user + label that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use + by this container. If seccomp options + are provided at both the pod & container + level, the container options override + the pod options. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates + a profile defined in a file on the + node should be used. The profile must + be preconfigured on the node to work. + Must be a descending path, relative + to the kubelet's configured seccomp + profile location. Must be set if type + is "Localhost". Must NOT be set for + any other type. + type: string + type: + description: "type indicates which kind + of seccomp profile will be applied. + Valid options are: \n Localhost - + a profile defined in a file on the + node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings + applied to all containers. If unspecified, + the options from the PodSecurityContext + will be used. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName + is the name of the GMSA credential + spec to use. + type: string + hostProcess: + description: HostProcess determines + if a container should be run as a + 'Host Process' container. All of a + Pod's containers must have the same + effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true + then HostNetwork must also be set + to true. + type: boolean + runAsUserName: + description: The UserName in Windows + to run the entrypoint of the container + process. Defaults to the user specified + in image metadata if unspecified. + May also be set in PodSecurityContext. + If set in both SecurityContext and + PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the + Pod has successfully initialized. If specified, + no other probes are executed until this completes + successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe + failed. This can be used to provide different + probe parameters at the beginning of a Pod''s + lifecycle, when it might take a long time + to load data or warm a cache, than during + steady-state operation. This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. + If this is not set, reads from stdin in the + container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should + close the stdin channel after it has been + opened by a single attach. When stdin is true + the stdin stream will remain open across multiple + attach sessions. If stdinOnce is set to true, + stdin is opened on container start, is empty + until the first client attaches to stdin, + and then remains open and accepts data until + the client disconnects, at which time stdin + is closed and remains closed until the container + is restarted. If this flag is false, a container + processes that reads from stdin will never + receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file + to which the container''s termination message + will be written is mounted into the container''s + filesystem. Message written is intended to + be brief final status, such as an assertion + failure message. Will be truncated by the + node if greater than 4096 bytes. The total + message length across all containers will + be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the + container status message on both success and + failure. FallbackToLogsOnError will use the + last chunk of container log output if the + termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to + be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will + be mapped to. + type: string + name: + description: name must match the name + of a persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. + If not specified, the container runtime's + default will be used, which might be configured + in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + description: Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the + generated DNS configuration based on DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. + This will be appended to the base nameservers + generated from DNSPolicy. Duplicated nameservers + will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This + will be merged with the base options generated + from DNSPolicy. Duplicated entries will be removed. + Resolution options given in Options will override + those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS + resolver options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for + host-name lookup. This will be appended to the + base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + type: object + dnsPolicy: + description: DNSPolicy defines how a pod's DNS will + be configured. + type: string + enableServiceLinks: + description: 'EnableServiceLinks indicates whether + information about services should be injected into + pod''s environment variables, matching the syntax + of Docker links. Optional: Defaults to true.' + type: boolean + ephemeralContainers: + items: + description: "An EphemeralContainer is a temporary + container that you may add to an existing Pod + for user-initiated activities such as debugging. + Ephemeral containers have no resource or scheduling + guarantees, and they will not be restarted when + they exit or when a Pod is removed or restarted. + The kubelet may evict a Pod if an ephemeral container + causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers + may not be removed or restarted." + properties: + args: + description: 'Arguments to the entrypoint. The + image''s CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed + within a shell. The image''s ENTRYPOINT is + used if this is not provided. Variable references + $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, + the reference in the input string will be + unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to + set in the container. Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. Double $$ are reduced to + a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined + within a source must be a C_IDENTIFIER. All + invalid keys will be reported as an event + when the container is starting. When a key + exists in multiple sources, the value associated + with the last source will take precedence. + Values defined by an Env with a duplicate + key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the + source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to + prepend to each key in the ConfigMap. + Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: + https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if + :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and + restarted according to its restart policy. + Other management of the container blocks + until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action + to take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood + as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the + HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number + of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name + to connect to, defaults to the + pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately + before a container is terminated due to + an API request or management event such + as liveness/startup probe failure, preemption, + resource contention, etc. The handler + is not called if the container crashes + or exits. The Pod''s termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod''s termination + grace period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes or until the + termination grace period is reached. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action + to take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood + as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the + HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number + of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name + to connect to, defaults to the + pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container + specified as a DNS_LABEL. This name must be + unique among all containers, init containers + and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral + containers. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: Number of port to expose + on the pod's IP address. This must be + a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the + external port to. + type: string + hostPort: + description: Number of port to expose + on the host. If specified, this must + be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must + match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be + an IANA_SVC_NAME and unique within the + pod. Each named port in a pod must have + a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be + UDP, TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the + container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to + which this resource resize policy applies. + Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when + specified resource is resized. If not + specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare + resources already allocated to the pod. + properties: + claims: + description: "Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. \n This + is an alpha field and requires enabling + the DynamicResourceAllocation feature + gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: Restart policy for the container + to manage the restart behavior of each container + within a pod. This may only be set for init + containers. You cannot set this field on ephemeral + containers. + type: string + securityContext: + description: 'Optional: SecurityContext defines + the security options the ephemeral container + should be run with. If set, the fields of + SecurityContext override the equivalent fields + of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: + 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when + spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop + when running containers. Defaults to the + default set of capabilities granted by + the container runtime. Note that this + field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent + POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent + POSIX capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged + mode. Processes in privileged containers + are essentially equivalent to root on + the host. Defaults to false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: procMount denotes the type + of proc mount to use for the containers. + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. This + requires the ProcMountType feature flag + to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has + a read-only root filesystem. Default is + false. Note that this field cannot be + set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint + of the container process. Uses runtime + default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container + must run as a non-root user. If true, + the Kubelet will validate the image at + runtime to ensure that it does not run + as UID 0 (root) and fail to start the + container if it does. If unset or false, + no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint + of the container process. Defaults to + user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to the container. If unspecified, the + container runtime will allocate a random + SELinux context for each container. May + also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level + label that applies to the container. + type: string + role: + description: Role is a SELinux role + label that applies to the container. + type: string + type: + description: Type is a SELinux type + label that applies to the container. + type: string + user: + description: User is a SELinux user + label that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use + by this container. If seccomp options + are provided at both the pod & container + level, the container options override + the pod options. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates + a profile defined in a file on the + node should be used. The profile must + be preconfigured on the node to work. + Must be a descending path, relative + to the kubelet's configured seccomp + profile location. Must be set if type + is "Localhost". Must NOT be set for + any other type. + type: string + type: + description: "type indicates which kind + of seccomp profile will be applied. + Valid options are: \n Localhost - + a profile defined in a file on the + node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings + applied to all containers. If unspecified, + the options from the PodSecurityContext + will be used. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName + is the name of the GMSA credential + spec to use. + type: string + hostProcess: + description: HostProcess determines + if a container should be run as a + 'Host Process' container. All of a + Pod's containers must have the same + effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true + then HostNetwork must also be set + to true. + type: boolean + runAsUserName: + description: The UserName in Windows + to run the entrypoint of the container + process. Defaults to the user specified + in image metadata if unspecified. + May also be set in PodSecurityContext. + If set in both SecurityContext and + PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. + If this is not set, reads from stdin in the + container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should + close the stdin channel after it has been + opened by a single attach. When stdin is true + the stdin stream will remain open across multiple + attach sessions. If stdinOnce is set to true, + stdin is opened on container start, is empty + until the first client attaches to stdin, + and then remains open and accepts data until + the client disconnects, at which time stdin + is closed and remains closed until the container + is restarted. If this flag is false, a container + processes that reads from stdin will never + receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container + from PodSpec that this ephemeral container + targets. The ephemeral container will be run + in the namespaces (IPC, PID, etc) of this + container. If not set then the ephemeral container + uses the namespaces configured in the Pod + spec. \n The container runtime must implement + support for this feature. If the runtime does + not support namespace targeting then the result + of setting this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file + to which the container''s termination message + will be written is mounted into the container''s + filesystem. Message written is intended to + be brief final status, such as an assertion + failure message. Will be truncated by the + node if greater than 4096 bytes. The total + message length across all containers will + be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the + container status message on both success and + failure. FallbackToLogsOnError will use the + last chunk of container log output if the + termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to + be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will + be mapped to. + type: string + name: + description: name must match the name + of a persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed + for ephemeral containers. Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. + If not specified, the container runtime's + default will be used, which might be configured + in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + hostAliases: + description: HostAliases is an optional list of hosts + and IPs that will be injected into the pod's hosts + file if specified. This is only valid for non-hostNetwork + pods. + items: + description: HostAlias holds the mapping between + IP and hostnames that will be injected as an entry + in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + hostIPC: + description: 'Use the host''s ipc namespace. Optional: + Default to false.' + type: boolean + hostNetwork: + description: Host networking requested for this pod. + Use the host's network namespace. If this option + is set, the ports that will be used must be specified. + Default to false. + type: boolean + hostPID: + description: 'Use the host''s pid namespace. Optional: + Default to false.' + type: boolean + hostUsers: + description: 'Use the host''s user namespace. Optional: + Default to true. If set to true or not present, + the pod will be run in the host user namespace, + useful for when the pod needs a feature only available + to the host user namespace, such as loading a kernel + module with CAP_SYS_MODULE. When set to false, a + new userns is created for the pod. Setting false + is useful for mitigating container breakout vulnerabilities + even allowing users to run their containers as root + without actually having root privileges on the host. + This field is alpha-level and is only honored by + servers that enable the UserNamespacesSupport feature.' + type: boolean + hostname: + description: Specifies the hostname of the Pod If + not specified, the pod's hostname will be set to + a system-defined value. + type: string + imagePullSecrets: + description: 'ImagePullSecrets is an optional list + of references to secrets in the same namespace to + use for pulling any of the images used by this PodSpec. + If specified, these secrets will be passed to individual + puller implementations for them to use. More info: + https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + items: + description: LocalObjectReference contains enough + information to let you locate the referenced object + inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + items: + description: A single application container that + you want to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The + container image''s CMD is used if this is + not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. + If a variable cannot be resolved, the reference + in the input string will be unchanged. Double + $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed + within a shell. The container image''s ENTRYPOINT + is used if this is not provided. Variable + references $(VAR_NAME) are expanded using + the container''s environment. If a variable + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to + set in the container. Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. Double $$ are reduced to + a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined + within a source must be a C_IDENTIFIER. All + invalid keys will be reported as an event + when the container is starting. When a key + exists in multiple sources, the value associated + with the last source will take precedence. + Values defined by an Env with a duplicate + key will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the + source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to + prepend to each key in the ConfigMap. + Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: + https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level + config management to default or override container + images in workload controllers like Deployments + and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if + :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system + should take in response to container lifecycle + events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately + after a container is created. If the handler + fails, the container is terminated and + restarted according to its restart policy. + Other management of the container blocks + until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action + to take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood + as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the + HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number + of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name + to connect to, defaults to the + pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately + before a container is terminated due to + an API request or management event such + as liveness/startup probe failure, preemption, + resource contention, etc. The handler + is not called if the container crashes + or exits. The Pod''s termination grace + period countdown begins before the PreStop + hook is executed. Regardless of the outcome + of the handler, the container will eventually + terminate within the Pod''s termination + grace period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes or until the + termination grace period is reached. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action + to take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the + command is root ('/') in the + container's filesystem. The command + is simply exec'd, it is not run + inside a shell, so traditional + shell instructions ('|', etc) + won't work. To use a shell, you + need to explicitly call out to + that shell. Exit status of 0 is + treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect + to, defaults to the pod IP. You + probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set + in the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in + HTTP probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood + as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the + HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number + of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: Deprecated. TCPSocket is + NOT supported as a LifecycleHandler + and kept for the backward compatibility. + There are no validation of this field + and lifecycle hooks will fail in runtime + when tcp handler is specified. + properties: + host: + description: 'Optional: Host name + to connect to, defaults to the + pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the + port to access on the container. + Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified + as a DNS_LABEL. Each container in a pod must + have a unique name (DNS_LABEL). Cannot be + updated. + type: string + ports: + description: List of ports to expose from the + container. Not specifying a port here DOES + NOT prevent that port from being exposed. + Any port which is listening on the default + "0.0.0.0" address inside a container will + be accessible from the network. Modifying + this array with strategic merge patch may + corrupt the data. For more information See + https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: Number of port to expose + on the pod's IP address. This must be + a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the + external port to. + type: string + hostPort: + description: Number of port to expose + on the host. If specified, this must + be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must + match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be + an IANA_SVC_NAME and unique within the + pod. Each named port in a pod must have + a unique name. Name for the port that + can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be + UDP, TCP, or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service + readiness. Container will be removed from + service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the + container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: 'Name of the resource to + which this resource resize policy applies. + Supported values: cpu, memory.' + type: string + restartPolicy: + description: Restart policy to apply when + specified resource is resized. If not + specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: 'Compute Resources required by + this container. Cannot be updated. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. \n This + is an alpha field and requires enabling + the DynamicResourceAllocation feature + gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restartPolicy: + description: 'RestartPolicy defines the restart + behavior of individual containers in a pod. + This field may only be set for init containers, + and the only allowed value is "Always". For + non-init containers or when this field is + not specified, the restart behavior is defined + by the Pod''s restart policy and the container + type. Setting the RestartPolicy as "Always" + for the init container will have the following + effect: this init container will be continually + restarted on exit until all regular containers + have terminated. Once all regular containers + have completed, all init containers with restartPolicy + "Always" will be shut down. This lifecycle + differs from normal init containers and is + often referred to as a "sidecar" container. + Although this init container still starts + in the init container sequence, it does not + wait for the container to complete before + proceeding to the next init container. Instead, + the next init container starts immediately + after this init container is started, or after + any startupProbe has successfully completed.' + type: string + securityContext: + description: 'SecurityContext defines the security + options the container should be run with. + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges + than its parent process. This bool directly + controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: + 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when + spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop + when running containers. Defaults to the + default set of capabilities granted by + the container runtime. Note that this + field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent + POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent + POSIX capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged + mode. Processes in privileged containers + are essentially equivalent to root on + the host. Defaults to false. Note that + this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: procMount denotes the type + of proc mount to use for the containers. + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. This + requires the ProcMountType feature flag + to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has + a read-only root filesystem. Default is + false. Note that this field cannot be + set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint + of the container process. Uses runtime + default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container + must run as a non-root user. If true, + the Kubelet will validate the image at + runtime to ensure that it does not run + as UID 0 (root) and fail to start the + container if it does. If unset or false, + no such validation will be performed. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint + of the container process. Defaults to + user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to the container. If unspecified, the + container runtime will allocate a random + SELinux context for each container. May + also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level + label that applies to the container. + type: string + role: + description: Role is a SELinux role + label that applies to the container. + type: string + type: + description: Type is a SELinux type + label that applies to the container. + type: string + user: + description: User is a SELinux user + label that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use + by this container. If seccomp options + are provided at both the pod & container + level, the container options override + the pod options. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates + a profile defined in a file on the + node should be used. The profile must + be preconfigured on the node to work. + Must be a descending path, relative + to the kubelet's configured seccomp + profile location. Must be set if type + is "Localhost". Must NOT be set for + any other type. + type: string + type: + description: "type indicates which kind + of seccomp profile will be applied. + Valid options are: \n Localhost - + a profile defined in a file on the + node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings + applied to all containers. If unspecified, + the options from the PodSecurityContext + will be used. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where + the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName + is the name of the GMSA credential + spec to use. + type: string + hostProcess: + description: HostProcess determines + if a container should be run as a + 'Host Process' container. All of a + Pod's containers must have the same + effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true + then HostNetwork must also be set + to true. + type: boolean + runAsUserName: + description: The UserName in Windows + to run the entrypoint of the container + process. Defaults to the user specified + in image metadata if unspecified. + May also be set in PodSecurityContext. + If set in both SecurityContext and + PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the + Pod has successfully initialized. If specified, + no other probes are executed until this completes + successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe + failed. This can be used to provide different + probe parameters at the beginning of a Pod''s + lifecycle, when it might take a long time + to load data or warm a cache, than during + steady-state operation. This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: Command is the command + line to execute inside the container, + the working directory for the command is + root ('/') in the container's filesystem. + The command is simply exec'd, it is + not run inside a shell, so traditional + shell instructions ('|', etc) won't + work. To use a shell, you need to + explicitly call out to that shell. + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures + for the probe to be considered failed + after having succeeded. Defaults to 3. + Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC + service. Number must be in the range + 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default + behavior is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: Host name to connect to, + defaults to the pod IP. You probably + want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: The header field + name. This will be canonicalized + upon output, so case-variant + names will be understood as + the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the + container has started before liveness + probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform + the probe. Default to 10 seconds. Minimum + value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes + for the probe to be considered successful + after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum + value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action + involving a TCP port. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number + must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. The grace period is + the duration in seconds after the processes + running in the pod are sent a termination + signal and the time when the processes + are forcibly halted with a kill signal. + Set this value longer than the expected + cleanup time for your process. If this + value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value + must be non-negative integer. The value + zero indicates stop immediately via the + kill signal (no opportunity to shut down). + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which + the probe times out. Defaults to 1 second. + Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. + If this is not set, reads from stdin in the + container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should + close the stdin channel after it has been + opened by a single attach. When stdin is true + the stdin stream will remain open across multiple + attach sessions. If stdinOnce is set to true, + stdin is opened on container start, is empty + until the first client attaches to stdin, + and then remains open and accepts data until + the client disconnects, at which time stdin + is closed and remains closed until the container + is restarted. If this flag is false, a container + processes that reads from stdin will never + receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file + to which the container''s termination message + will be written is mounted into the container''s + filesystem. Message written is intended to + be brief final status, such as an assertion + failure message. Will be truncated by the + node if greater than 4096 bytes. The total + message length across all containers will + be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message + should be populated. File will use the contents + of terminationMessagePath to populate the + container status message on both success and + failure. FallbackToLogsOnError will use the + last chunk of container log output if the + termination message file is empty and the + container exited with an error. The log output + is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to + be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will + be mapped to. + type: string + name: + description: name must match the name + of a persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. + If not specified, the container runtime's + default will be used, which might be configured + in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + nodeName: + description: NodeName is a request to schedule this + pod onto a specific node. If it is non-empty, the + scheduler simply schedules this pod onto that node, + assuming that it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must + be true for the pod to fit on a node. Selector which + must match a node''s labels for the pod to be scheduled + on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + os: + description: "Specifies the OS of the containers in + the pod. Some pod and container fields are restricted + if this is set. \n If the OS field is set to linux, + the following fields must be unset: -securityContext.windowsOptions + \n If the OS field is set to windows, following + fields must be unset: - spec.hostPID - spec.hostIPC + - spec.hostUsers - spec.securityContext.seLinuxOptions + - spec.securityContext.seccompProfile - spec.securityContext.fsGroup + - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls + - spec.shareProcessNamespace - spec.securityContext.runAsUser + - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups + - spec.containers[*].securityContext.seLinuxOptions + - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities + - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged + - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount - + spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup" + properties: + name: + description: 'Name is the name of the operating + system. The currently supported values are linux + and windows. Additional value may be defined + in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values + and treat unrecognized values in this field + as os: null' + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Overhead represents the resource overhead + associated with running a pod for a given RuntimeClass. + This field will be autopopulated at admission time + by the RuntimeClass admission controller. If the + RuntimeClass admission controller is enabled, overhead + must not be set in Pod create requests. The RuntimeClass + admission controller will reject Pod create requests + which have the overhead already set. If RuntimeClass + is configured and selected in the PodSpec, Overhead + will be set to the value defined in the corresponding + RuntimeClass, otherwise it will remain unset and + treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' + type: object + preemptionPolicy: + description: PreemptionPolicy is the Policy for preempting + pods with lower priority. One of Never, PreemptLowerPriority. + Defaults to PreemptLowerPriority if unset. + type: string + priority: + description: The priority value. Various system components + use this field to find the priority of the pod. + When Priority Admission Controller is enabled, it + prevents users from setting this field. The admission + controller populates this field from PriorityClassName. + The higher the value, the higher the priority. + format: int32 + type: integer + priorityClassName: + description: If specified, indicates the pod's priority. + "system-node-critical" and "system-cluster-critical" + are two special keywords which indicate the highest + priorities with the former being the highest priority. + Any other name must be defined by creating a PriorityClass + object with that name. If not specified, the pod + priority will be default or zero if there is no + default. + type: string + readinessGates: + description: 'If specified, all readiness gates will + be evaluated for pod readiness. A pod is ready when + all its containers are ready AND all conditions + specified in the readiness gates have status equal + to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + items: + description: PodReadinessGate contains the reference + to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition + in the pod's condition list with matching + type. + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + description: RestartPolicy describes how the container + should be restarted. Only one of the following restart + policies may be specified. If none of the following + policies is specified, the default one is RestartPolicyAlways. + type: string + runtimeClassName: + description: 'RuntimeClassName refers to a RuntimeClass + object in the node.k8s.io group, which should be + used to run this pod. If no RuntimeClass resource + matches the named class, the pod will not be run. + If unset or empty, the "legacy" RuntimeClass will + be used, which is an implicit class with an empty + definition that uses the default runtime handler. + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' + type: string + schedulerName: + description: If specified, the pod will be dispatched + by specified scheduler. If not specified, the pod + will be dispatched by default scheduler. + type: string + securityContext: + description: 'SecurityContext holds pod-level security + attributes and common container settings. Optional: + Defaults to empty. See type description for default + values of each field.' + properties: + fsGroup: + description: "A special supplemental group that + applies to all containers in a pod. Some volume + types allow the Kubelet to change the ownership + of that volume to be owned by the pod: \n 1. + The owning GID will be the FSGroup 2. The setgid + bit is set (new files created in the volume + will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the + Kubelet will not modify the ownership and permissions + of any volume. Note that this field cannot be + set when spec.os.name is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior + of changing ownership and permission of the + volume before being exposed inside Pod. This + field will only apply to volume types which + support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types + such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If + not specified, "Always" is used. Note that this + field cannot be set when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of + the container process. Uses runtime default + if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must + run as a non-root user. If true, the Kubelet + will validate the image at runtime to ensure + that it does not run as UID 0 (root) and fail + to start the container if it does. If unset + or false, no such validation will be performed. + May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of + the container process. Defaults to user specified + in image metadata if unspecified. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence for that + container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied + to all containers. If unspecified, the container + runtime will allocate a random SELinux context + for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the + containers in this pod. Note that this field + cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a + profile defined in a file on the node should + be used. The profile must be preconfigured + on the node to work. Must be a descending + path, relative to the kubelet's configured + seccomp profile location. Must be set if + type is "Localhost". Must NOT be set for + any other type. + type: string + type: + description: "type indicates which kind of + seccomp profile will be applied. Valid options + are: \n Localhost - a profile defined in + a file on the node should be used. RuntimeDefault + - the container runtime default profile + should be used. Unconfined - no profile + should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first + process run in each container, in addition to + the container's primary GID, the fsGroup (if + specified), and group memberships defined in + the container image for the uid of the container + process. If unspecified, no additional groups + are added to any container. Note that group + memberships defined in the container image for + the uid of the container process are still effective, + even if they are not included in this list. + Note that this field cannot be set when spec.os.name + is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced + sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail + to launch. Note that this field cannot be set + when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter + to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + within a container's SecurityContext will be + used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. Note that this field cannot be set + when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName + field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + All of a Pod's containers must have the + same effective HostProcess value (it is + not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + In addition, if HostProcess is true then + HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. + Defaults to the user specified in image + metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: string + type: object + type: object + serviceAccount: + description: 'DeprecatedServiceAccount is a depreciated + alias for ServiceAccountName. Deprecated: Use serviceAccountName + instead.' + type: string + serviceAccountName: + description: 'ServiceAccountName is the name of the + ServiceAccount to use to run this pod. More info: + https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + type: string + setHostnameAsFQDN: + description: If true the pod's hostname will be configured + as the pod's FQDN, rather than the leaf name (the + default). In Linux containers, this means setting + the FQDN in the hostname field of the kernel (the + nodename field of struct utsname). In Windows containers, + this means setting the registry value of hostname + for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. If a pod does not have FQDN, this has no + effect. Default to false. + type: boolean + shareProcessNamespace: + description: 'Share a single process namespace between + all of the containers in a pod. When this is set + containers will be able to view and signal processes + from other containers in the same pod, and the first + process in each container will not be assigned PID + 1. HostPID and ShareProcessNamespace cannot both + be set. Optional: Default to false.' + type: boolean + subdomain: + description: If specified, the fully qualified Pod + hostname will be "...svc.". If not specified, the pod will not have + a domainname at all. + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached + to tolerates any taint that matches the triple + using the matching operator + . + properties: + effect: + description: Effect indicates the taint effect + to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; + this combination means to match all values + and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and + Equal. Defaults to Equal. Exists is equivalent + to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the + period of time the toleration (which must + be of effect NoExecute, otherwise this field + is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint + forever (do not evict). Zero and negative + values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the + value should be empty, otherwise just a regular + string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how + a group of pods ought to spread across topology + domains. Scheduler will schedule pods in a way which + abides by the constraints. All topologySpreadConstraints + are ANDed. + items: + description: TopologySpreadConstraint specifies + how to spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector + are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod + label keys to select the pods over which spreading + will be calculated. The keys are used to lookup + values from the incoming pod labels, those + key-value labels are ANDed with labelSelector + to select the group of existing pods over + which spreading will be calculated for the + incoming pod. The same key is forbidden to + exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector + isn't set. Keys that don't exist in the incoming + pod labels will be ignored. A null or empty + list means only match against labelSelector. + \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to + which pods may be unevenly distributed. When + `whenUnsatisfiable=DoNotSchedule`, it is the + maximum permitted difference between the number + of matching pods in the target topology and + the global minimum. The global minimum is + the minimum number of matching pods in an + eligible domain or zero if the number of eligible + domains is less than MinDomains. For example, + in a 3-zone cluster, MaxSkew is set to 1, + and pods with the same labelSelector spread + as 2/2/1: In this case, the global minimum + is 1. | zone1 | zone2 | zone3 | | P P | P + P | P | - if MaxSkew is 1, incoming pod + can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make + the ActualSkew(3-1) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod + can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default + value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum + number of eligible domains. When the number + of eligible domains with matching topology + keys is less than minDomains, Pod Topology + Spread treats \"global minimum\" as 0, and + then the calculation of Skew is performed. + And when the number of eligible domains with + matching topology keys equals or greater than + minDomains, this value has no effect on scheduling. + As a result, when the number of eligible domains + is less than minDomains, scheduler won't schedule + more than maxSkew Pods to those domains. If + value is nil, the constraint behaves as if + MinDomains is equal to 1. Valid values are + integers greater than 0. When value is not + nil, WhenUnsatisfiable must be DoNotSchedule. + \n For example, in a 3-zone cluster, MaxSkew + is set to 2, MinDomains is set to 5 and pods + with the same labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | | P P | P P | + \ P P | The number of domains is less than + 5(MinDomains), so \"global minimum\" is treated + as 0. In this situation, new pod with the + same labelSelector cannot be scheduled, because + computed skew will be 3(3 - 0) if new Pod + is scheduled to any of the three zones, it + will violate MaxSkew. \n This is a beta field + and requires the MinDomainsInPodTopologySpread + feature gate to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how + we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. + Options are: - Honor: only nodes matching + nodeAffinity/nodeSelector are included in + the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the + calculations. \n If this value is nil, the + behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled + by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how + we will treat node taints when calculating + pod topology spread skew. Options are: - Honor: + nodes without taints, along with tainted nodes + for which the incoming pod has a toleration, + are included. - Ignore: node taints are ignored. + All nodes are included. \n If this value is + nil, the behavior is equivalent to the Ignore + policy. This is a beta-level feature default + enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node + labels. Nodes that have a label with this + key and identical values are considered to + be in the same topology. We consider each + as a "bucket", and try to put + balanced number of pods into each bucket. + We define a domain as a particular instance + of a topology. Also, we define an eligible + domain as a domain whose nodes meet the requirements + of nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, + if TopologyKey is "topology.kubernetes.io/zone", + each zone is a domain of that topology. It's + a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how + to deal with a pod if it doesn''t satisfy + the spread constraint. - DoNotSchedule (default) + tells the scheduler not to schedule it. - + ScheduleAnyway tells the scheduler to schedule + the pod in any location, but giving higher + precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate + "MaxSkew" on some topology. For example, in + a 3-zone cluster, MaxSkew is set to 1, and + pods with the same labelSelector spread as + 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) + on zone2(zone3) satisfies MaxSkew(1). In other + words, the cluster can still be imbalanced, + but scheduler won''t make it *more* imbalanced. + It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + description: Volume represents a named volume in + a pod that may be accessed by any container in + the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents + an AWS Disk resource that is attached to a + kubelet''s host machine and then exposed to + the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + partition: + description: 'partition is the partition + in the volume that you want to mount. + If omitted, the default is to mount by + volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" + (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force + the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the + persistent disk resource in AWS (Amazon + EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data + Disk mount on the host and bind mount to the + pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching + mode: None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the + data disk in the blob storage + type: string + diskURI: + description: diskURI is the URI of data + disk in the blob storage + type: string + fsType: + description: fsType is Filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed + availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File + Service mount on the host and bind mount to + the pod. + properties: + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of + secret that contains Azure Storage Account + Name and Key + type: string + shareName: + description: shareName is the azure share + Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount + on the host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors + is a collection of Ceph monitors More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as + the mounted root, rather than the full + Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is + the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume + attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points + to a secret object containing parameters + used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify + the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each + key-value pair in the Data field of the + referenced ConfigMap will be projected + into the volume as a file whose name is + the key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or start + with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) + represents ephemeral storage that is handled + by certain external CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI + driver that handles this volume. Consult + with your admin for the correct name as + registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty + value is passed to the associated CSI + driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver + to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field + is optional, and may be empty if no secret + is required. If the secret object contains + more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only + configuration for the volume. Defaults + to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI + driver. Consult your driver's documentation + for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward + API about the pod that should populate this + volume + properties: + defaultMode: + description: 'Optional: mode bits to use + on created files by default. Must be a + Optional: mode bits used to set permissions + on created files by default. Must be an + octal value between 0000 and 0777 or a + decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. Defaults to 0644. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: Items is a list of downward + API volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a + field of the pod: only annotations, + labels, name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary + directory that shares a pod''s lifetime. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type + of storage medium should back this directory. + The default is "" which means to use the + node''s default medium. Must be an empty + string (default) or Memory. More info: + https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage on + memory medium EmptyDir would be the minimum + value between the SizeLimit specified + here and the sum of memory limits of all + containers in a pod. The default is nil + which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume + that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod + that defines it - it will be created before + the pod starts, and deleted when the pod is + removed. \n Use this if: a) the volume is + only needed while the pod runs, b) features + of normal volumes like restoring from snapshot + or capacity tracking are needed, c) the storage + driver is specified through a storage class, + and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information + on the connection between this volume type + and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes + that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation + of the driver for more information. \n A pod + can use both types of ephemeral volumes and + persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in + which this EphemeralVolumeSource is embedded + will be the owner of the PVC, i.e. the + PVC will be deleted together with the + pod. The name of the PVC will be `-` where `` + is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject + the pod if the concatenated name is not + valid for a PVC (for example, too long). + \n An existing PVC with that name that + is not owned by the pod will *not* be + used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is + then blocked until the unrelated PVC is + removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has + to updated with an owner reference to + the pod once the pod exists. Normally + this should not be necessary, but it may + be useful when manually reconstructing + a broken cluster. \n This field is read-only + and no changes will be made by Kubernetes + to the PVC after it has been created. + \n Required, must not be nil." + properties: + metadata: + description: May contain labels and + annotations that will be copied into + the PVC when creating it. No other + fields are allowed and will be rejected + during validation. + type: object + spec: + description: The specification for the + PersistentVolumeClaim. The entire + content is copied unchanged into the + PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains + the desired access modes the volume + should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can + be used to specify either: * An + existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external + controller can support the specified + data source, it will create a + new volume based on the contents + of the specified data source. + When the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace + is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the + group for the resource being + referenced. If APIGroup is + not specified, the specified + Kind must be in the core API + group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type + of resource being referenced + type: string + name: + description: Name is the name + of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies + the object from which to populate + the volume with data, if a non-empty + volume is desired. This may be + any object from a non-empty API + group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed + if the type of the specified object + matches some installed volume + populator or dynamic provisioner. + This field will replace the functionality + of the dataSource field and as + such if both fields are non-empty, + they must have the same value. + For backwards compatibility, when + namespace isn''t specified in + dataSourceRef, both fields (dataSource + and dataSourceRef) will be set + to the same value automatically + if one of them is empty and the + other is non-empty. When namespace + is specified in dataSourceRef, + dataSource isn''t set to the same + value and must be empty. There + are three important differences + between dataSource and dataSourceRef: + * While dataSource only allows + two specific types of objects, + dataSourceRef allows any non-core + object, as well as PersistentVolumeClaim + objects. * While dataSource ignores + disallowed values (dropping them), + dataSourceRef preserves all values, + and generates an error if a disallowed + value is specified. * While dataSource + only allows local objects, dataSourceRef + allows objects in any namespaces. + (Beta) Using this field requires + the AnyVolumeDataSource feature + gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the + group for the resource being + referenced. If APIGroup is + not specified, the specified + Kind must be in the core API + group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type + of resource being referenced + type: string + name: + description: Name is the name + of resource being referenced + type: string + namespace: + description: Namespace is the + namespace of resource being + referenced Note that when + a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant + object is required in the + referent namespace to allow + that namespace's owner to + accept the reference. See + the ReferenceGrant documentation + for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents + the minimum resources the volume + should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed + to specify resource requirements + that are lower than previous value + but must still be higher than + capacity recorded in the status + field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes + the maximum amount of compute + resources allowed. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes + the minimum amount of compute + resources required. If Requests + is omitted for a container, + it defaults to Limits if that + is explicitly specified, otherwise + to an implementation-defined + value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label + query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is + the name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeAttributesClassName: + description: 'volumeAttributesClassName + may be used to set the VolumeAttributesClass + used by this claim. If specified, + the CSI driver will create or + update the volume with the attributes + defined in the corresponding VolumeAttributesClass. + This has a different purpose than + storageClassName, it can be changed + after the claim is created. An + empty string value means that + no VolumeAttributesClass will + be applied to the claim but it''s + not allowed to reset this field + to empty string once it is set. + If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + will be set by the persistentvolume + controller if it exists. If the + resource referred to by volumeAttributesClass + does not exist, this PersistentVolumeClaim + will be set to a Pending state, + as reflected by the modifyVolumeStatus + field, until such as a resource + exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires + the VolumeAttributesClass feature + gate to be enabled.' + type: string + volumeMode: + description: volumeMode defines + what type of volume is required + by the claim. Value of Filesystem + is implied when not included in + claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine + and then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. TODO: how do + we prevent errors in the filesystem from + compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target + lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC + target worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this + field holds extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret + object is specified. If the secret object + contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This + depends on the Flocker control service being + running + properties: + datasetName: + description: datasetName is Name of the + dataset stored as metadata -> name on + the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of + the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a + GCE Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + partition: + description: 'partition is the partition + in the volume that you want to mount. + If omitted, the default is to mount by + volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" + (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with + a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount + the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash + for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint + name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume + path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. Defaults to false. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing + file or directory on the host machine that + is directly exposed to the container. This + is generally used for system agents or other + privileged things that are allowed to see + the host machine. Most containers will NOT + need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who + can use host directory mounts and who can/can + not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the + host. If the path is a symlink, it will + follow the link to the real path. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk + resource that is attached to a kubelet''s + host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom + iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target + Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target + Portal List. The portal is either an IP + or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret + for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target + Portal. The Portal is either an IP or + ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a + DNS_LABEL and unique within the pod. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on + the host that shares a pod''s lifetime More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the + NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or + IP address of the NFS server. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a + PersistentVolumeClaim in the same namespace + as the pod using this volume. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fSType represents the filesystem + type to mount Must be a filesystem type + supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one + resources secrets, configmaps, and downward + API + properties: + defaultMode: + description: defaultMode are the mode bits + used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: sources is the list of volume + projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field of ClusterTrustBundle objects + in an auto-updating file. \n Alpha, + gated by the ClusterTrustBundleProjection + feature gate. \n ClusterTrustBundle + objects can either be selected by + name, or by the combination of signer + name and a label selector. \n Kubelet + performs aggressive normalization + of the PEM contents written into + the pod filesystem. Esoteric PEM + features such as inter-block comments + and block headers are stripped. + \ Certificates are deduplicated. + The ordering of certificates within + the file is arbitrary, and Kubelet + may change the order over time." + properties: + labelSelector: + description: Select all ClusterTrustBundles + that match this label selector. Only + has effect if signerName is + set. Mutually-exclusive with + name. If unset, interpreted + as "match nothing". If set + but empty, interpreted as "match + everything". + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key and + values. + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to a + set of values. Valid + operators are In, + NotIn, Exists and + DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, the + values array must + be non-empty. If the + operator is Exists + or DoesNotExist, the + values array must + be empty. This array + is replaced during + a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in + the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: Select a single ClusterTrustBundle + by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: If true, don't block + pod startup if the referenced + ClusterTrustBundle(s) aren't + available. If using name, then + the named ClusterTrustBundle + is allowed not to exist. If + using signerName, then the combination + of signerName and labelSelector + is allowed to match zero ClusterTrustBundles. + type: boolean + path: + description: Relative path from + the volume root to write the + bundle. + type: string + signerName: + description: Select all ClusterTrustBundles + that match this signer name. + Mutually-exclusive with name. The + contents of all selected ClusterTrustBundles + will be unified and deduplicated. + type: string + required: + - path + type: object + configMap: + description: configMap information + about the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the ConfigMap, the volume + setup will error unless it is + marked optional. Paths must + be relative and may not contain + the '..' path or start with + '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the + key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional specify + whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information + about the downwardAPI data to project + properties: + items: + description: Items is a list of + DownwardAPIVolume file + items: + description: DownwardAPIVolumeFile + represents information to + create the file containing + the pod field + properties: + fieldRef: + description: 'Required: + Selects a field of the + pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version + of the schema the + FieldPath is written + in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of + the field to select + in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: + mode bits used to set + permissions on this file, + must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: + Path is the relative + path name of the file + to be created. Must not + be absolute or contain + the ''..'' path. Must + be utf-8 encoded. The + first item of the relative + path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a + resource of the container: + only resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are + currently supported.' + properties: + containerName: + description: 'Container + name: required for + volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies + the output format + of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the Secret, the volume setup + will error unless it is marked + optional. Paths must be relative + and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the + key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is + information about the serviceAccountToken + data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified + in the audience of the token, + and otherwise should reject + the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds + is the requested duration of + validity of the service account + token. As the token approaches + expiration, the kubelet volume + plugin will proactively rotate + the service account token. The + kubelet will start trying to + rotate the token if the token + is older than 80 percent of + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour and must be at least + 10 minutes. + format: int64 + type: integer + path: + description: path is the path + relative to the mount point + of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: group to map volume access + to Default is no group + type: string + readOnly: + description: readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. Defaults to false. + type: boolean + registry: + description: registry represents a single + or multiple Quobyte Registry services + specified as a string as host:port pair + (multiple entries are separated with commas) + which acts as the central registry for + volumes + type: string + tenant: + description: tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is + set by the plugin + type: string + user: + description: user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + image: + description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key + ring for RBDUser. Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of + Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address + of the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name + of the ScaleIO Protection Domain for the + configured storage. + type: string + readOnly: + description: readOnly Defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the + secret for ScaleIO user and other sensitive + information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default + false + type: boolean + storageMode: + description: storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO + Storage Pool associated with the protection + domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a + volume already created in the ScaleIO + system that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that + should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each + key-value pair in the Data field of the + referenced Secret will be projected into + the volume as a file whose name is the + key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the + volume setup will error unless it is marked + optional. Paths must be relative and may + not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of + the secret in the pod''s namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API + credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the + scope of the volume within StorageOS. If + no namespace is specified then the Pod's + namespace will be used. This allows the + Kubernetes name scoping to be mirrored + within StorageOS for tighter integration. + Set VolumeName to any name to override + the default behaviour. Set to "default" + if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: volumePath is the path that + identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + type: object + type: object + type: object + external: + description: External enables you to configure external grafana instances + that is not managed by the operator. + properties: + adminPassword: + description: AdminPassword key to talk to the external grafana + instance. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + adminUser: + description: AdminUser key to talk to the external grafana instance. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + apiKey: + description: The API key to talk to the external grafana instance, + you need to define ether apiKey or adminUser/adminPassword. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + description: URL of the external grafana instance you want to + manage. + type: string + required: + - url + type: object + ingress: + description: Ingress sets how the ingress object should look like + with your grafana instance. + properties: + metadata: + description: ObjectMeta contains only a [subset of the fields + included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta). + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + description: IngressSpec describes the Ingress the user wishes + to exist. + properties: + defaultBackend: + description: defaultBackend is the backend that should handle + requests that don't match any rule. If Rules are not specified, + DefaultBackend must be specified. If DefaultBackend is not + set, the handling of requests that do not match any of the + rules will be up to the Ingress controller. + properties: + resource: + description: resource is an ObjectRef to another Kubernetes + resource in the namespace of the Ingress object. If + resource is specified, a service.Name and service.Port + must not be specified. This is a mutually exclusive + setting with "Service". + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: service references a service as a backend. + This is a mutually exclusive setting with "Resource". + properties: + name: + description: name is the referenced service. The service + must exist in the same namespace as the Ingress + object. + type: string + port: + description: port of the referenced service. A port + name or port number is required for a IngressServiceBackend. + properties: + name: + description: name is the name of the port on the + Service. This is a mutually exclusive setting + with "Number". + type: string + number: + description: number is the numerical port number + (e.g. 80) on the Service. This is a mutually + exclusive setting with "Name". + format: int32 + type: integer + type: object + required: + - name + type: object + type: object + ingressClassName: + description: ingressClassName is the name of an IngressClass + cluster resource. Ingress controller implementations use + this field to know whether they should be serving this Ingress + resource, by a transitive connection (controller -> IngressClass + -> Ingress resource). Although the `kubernetes.io/ingress.class` + annotation (simple constant name) was never formally defined, + it was widely supported by Ingress controllers to create + a direct binding between Ingress controller and Ingress + resources. Newly created Ingress resources should prefer + using the field. However, even though the annotation is + officially deprecated, for backwards compatibility reasons, + ingress controllers should still honor that annotation if + present. + type: string + rules: + description: rules is a list of host rules used to configure + the Ingress. If unspecified, or no rule matches, all traffic + is sent to the default backend. + items: + description: IngressRule represents the rules mapping the + paths under a specified host to the related backend services. + Incoming requests are first evaluated for a host match, + then routed to the backend associated with the matching + IngressRuleValue. + properties: + host: + description: "host is the fully qualified domain name + of a network host, as defined by RFC 3986. Note the + following deviations from the \"host\" part of the + URI as defined in RFC 3986: 1. IPs are not allowed. + Currently an IngressRuleValue can only apply to the + IP in the Spec of the parent Ingress. 2. The `:` delimiter + is not respected because ports are not allowed. Currently + the port of an Ingress is implicitly :80 for http + and :443 for https. Both these may change in the future. + Incoming requests are matched against the host before + the IngressRuleValue. If the host is unspecified, + the Ingress routes all traffic based on the specified + IngressRuleValue. \n host can be \"precise\" which + is a domain name without the terminating dot of a + network host (e.g. \"foo.bar.com\") or \"wildcard\", + which is a domain name prefixed with a single wildcard + label (e.g. \"*.foo.com\"). The wildcard character + '*' must appear by itself as the first DNS label and + matches only a single label. You cannot have a wildcard + label by itself (e.g. Host == \"*\"). Requests will + be matched against the Host field in the following + way: 1. If host is precise, the request matches this + rule if the http host header is equal to Host. 2. + If host is a wildcard, then the request matches this + rule if the http host header is to equal to the suffix + (removing the first label) of the wildcard rule." + type: string + http: + description: 'HTTPIngressRuleValue is a list of http + selectors pointing to backends. In the example: http:///? + -> backend where where parts of the url correspond + to RFC 3986, this resource will be used to match against + everything after the last ''/'' and before the first + ''?'' or ''#''.' + properties: + paths: + description: paths is a collection of paths that + map requests to backends. + items: + description: HTTPIngressPath associates a path + with a backend. Incoming urls matching the path + are forwarded to the backend. + properties: + backend: + description: backend defines the referenced + service endpoint to which the traffic will + be forwarded to. + properties: + resource: + description: resource is an ObjectRef + to another Kubernetes resource in the + namespace of the Ingress object. If + resource is specified, a service.Name + and service.Port must not be specified. + This is a mutually exclusive setting + with "Service". + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, the + specified Kind must be in the core + API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: service references a service + as a backend. This is a mutually exclusive + setting with "Resource". + properties: + name: + description: name is the referenced + service. The service must exist + in the same namespace as the Ingress + object. + type: string + port: + description: port of the referenced + service. A port name or port number + is required for a IngressServiceBackend. + properties: + name: + description: name is the name + of the port on the Service. + This is a mutually exclusive + setting with "Number". + type: string + number: + description: number is the numerical + port number (e.g. 80) on the + Service. This is a mutually + exclusive setting with "Name". + format: int32 + type: integer + type: object + required: + - name + type: object + type: object + path: + description: path is matched against the path + of an incoming request. Currently it can + contain characters disallowed from the conventional + "path" part of a URL as defined by RFC 3986. + Paths must begin with a '/' and must be + present when using PathType with value "Exact" + or "Prefix". + type: string + pathType: + description: 'pathType determines the interpretation + of the path matching. PathType can be one + of the following values: * Exact: Matches + the URL path exactly. * Prefix: Matches + based on a URL path prefix split by ''/''. + Matching is done on a path element by element + basis. A path element refers is the list + of labels in the path split by the ''/'' + separator. A request is a match for path + p if every p is an element-wise prefix of + p of the request path. Note that if the + last element of the path is a substring + of the last element in request path, it + is not a match (e.g. /foo/bar matches /foo/bar/baz, + but does not match /foo/barbaz). * ImplementationSpecific: + Interpretation of the Path matching is up + to the IngressClass. Implementations can + treat this as a separate PathType or treat + it identically to Prefix or Exact path types. + Implementations are required to support + all path types.' + type: string + required: + - backend + - pathType + type: object + type: array + x-kubernetes-list-type: atomic + required: + - paths + type: object + type: object + type: array + x-kubernetes-list-type: atomic + tls: + description: tls represents the TLS configuration. Currently + the Ingress only supports a single TLS port, 443. If multiple + members of this list specify different hosts, they will + be multiplexed on the same port according to the hostname + specified through the SNI TLS extension, if the ingress + controller fulfilling the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: hosts is a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: secretName is the name of the secret used + to terminate TLS traffic on port 443. Field is left + optional to allow TLS routing based on SNI hostname + alone. If the SNI host in a listener conflicts with + the "Host" header field used by an IngressRule, the + SNI host is used for termination and value of the + "Host" header is used for routing. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: object + jsonnet: + properties: + libraryLabelSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An + empty label selector matches all objects. A null label selector + matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + persistentVolumeClaim: + description: PersistentVolumeClaim creates a PVC if you need to attach + one to your grafana instance. + properties: + metadata: + description: ObjectMeta contains only a [subset of the fields + included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta). + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + description: TypedLocalObjectReference contains enough information + to let you locate the typed referenced object inside the + same namespace. + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: TypedLocalObjectReference contains enough information + to let you locate the typed referenced object inside the + same namespace. + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + description: PersistentVolumeMode describes how a volume is + intended to be consumed, either Block or Filesystem. + type: string + volumeName: + description: VolumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + type: object + preferences: + description: Preferences holds the Grafana Preferences settings + properties: + homeDashboardUid: + type: string + type: object + route: + description: Route sets how the ingress object should look like with + your grafana instance, this only works in Openshift. + properties: + metadata: + description: ObjectMeta contains only a [subset of the fields + included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta). + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + alternateBackends: + items: + description: RouteTargetReference specifies the target that + resolve into endpoints. Only the 'Service' kind is allowed. + Use 'weight' field to emphasize one over others. + properties: + kind: + description: The kind of target that the route is referring + to. Currently, only 'Service' is allowed + type: string + name: + description: name of the service/target that is being + referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and 256, + default 100, that specifies the target's relative + weight against other target reference objects. 0 suppresses + requests to this backend. + format: int32 + type: integer + required: + - kind + - name + - weight + type: object + type: array + host: + type: string + path: + type: string + port: + description: RoutePort defines a port mapping from a router + to an endpoint in the service endpoints. + properties: + targetPort: + anyOf: + - type: integer + - type: string + description: The target port on pods selected by the service + this route points to. If this is a string, it will be + looked up as a named port in the target endpoints port + list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + tls: + description: TLSConfig defines config used to secure a route + and provide termination + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + to: + description: RouteTargetReference specifies the target that + resolve into endpoints. Only the 'Service' kind is allowed. + Use 'weight' field to emphasize one over others. + properties: + kind: + description: The kind of target that the route is referring + to. Currently, only 'Service' is allowed + type: string + name: + description: name of the service/target that is being + referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and 256, default + 100, that specifies the target's relative weight against + other target reference objects. 0 suppresses requests + to this backend. + format: int32 + type: integer + required: + - kind + - name + - weight + type: object + wildcardPolicy: + description: WildcardPolicyType indicates the type of wildcard + support needed by routes. + type: string + type: object + type: object + service: + description: Service sets how the service object should look like + with your grafana instance, contains a number of defaults. + properties: + metadata: + description: ObjectMeta contains only a [subset of the fields + included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta). + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + description: ServiceSpec describes the attributes that a user + creates on a service. + properties: + allocateLoadBalancerNodePorts: + description: allocateLoadBalancerNodePorts defines if NodePorts + will be automatically allocated for services with type LoadBalancer. Default + is "true". It may be set to "false" if the cluster load-balancer + does not rely on NodePorts. If the caller requests specific + NodePorts (by specifying a value), those requests will be + respected, regardless of this field. This field may only + be set for services with type LoadBalancer and will be cleared + if the type is changed to any other type. + type: boolean + clusterIP: + description: 'clusterIP is the IP address of the service and + is usually assigned randomly. If an address is specified + manually, is in-range (as per system configuration), and + is not in use, it will be allocated to the service; otherwise + creation of the service will fail. This field may not be + changed through updates unless the type field is also being + changed to ExternalName (which requires this field to be + blank) or the type field is being changed from ExternalName + (in which case this field may optionally be specified, as + describe above). Valid values are "None", empty string + (""), or a valid IP address. Setting this to "None" makes + a "headless service" (no virtual IP), which is useful when + direct endpoint connections are preferred and proxying is + not required. Only applies to types ClusterIP, NodePort, + and LoadBalancer. If this field is specified when creating + a Service of type ExternalName, creation will fail. This + field will be wiped when updating a Service to type ExternalName. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + clusterIPs: + description: "ClusterIPs is a list of IP addresses assigned + to this service, and are usually assigned randomly. If + an address is specified manually, is in-range (as per system + configuration), and is not in use, it will be allocated + to the service; otherwise creation of the service will fail. + This field may not be changed through updates unless the + type field is also being changed to ExternalName (which + requires this field to be empty) or the type field is being + changed from ExternalName (in which case this field may + optionally be specified, as describe above). Valid values + are \"None\", empty string (\"\"), or a valid IP address. + \ Setting this to \"None\" makes a \"headless service\" + (no virtual IP), which is useful when direct endpoint connections + are preferred and proxying is not required. Only applies + to types ClusterIP, NodePort, and LoadBalancer. If this + field is specified when creating a Service of type ExternalName, + creation will fail. This field will be wiped when updating + a Service to type ExternalName. If this field is not specified, + it will be initialized from the clusterIP field. If this + field is specified, clients must ensure that clusterIPs[0] + and clusterIP have the same value. \n This field may hold + a maximum of two entries (dual-stack IPs, in either order). + These IPs must correspond to the values of the ipFamilies + field. Both clusterIPs and ipFamilies are governed by the + ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + items: + type: string + type: array + x-kubernetes-list-type: atomic + externalIPs: + description: externalIPs is a list of IP addresses for which + nodes in the cluster will also accept traffic for this service. These + IPs are not managed by Kubernetes. The user is responsible + for ensuring that traffic arrives at a node with this IP. A + common example is external load-balancers that are not part + of the Kubernetes system. + items: + type: string + type: array + externalName: + description: externalName is the external reference that discovery + mechanisms will return as an alias for this service (e.g. + a DNS CNAME record). No proxying will be involved. Must + be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes distribute + service traffic they receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the service + in a way that assumes that external load balancers will + take care of balancing the service traffic between nodes, + and so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the client + source IP. (Traffic mistakenly sent to a node with no endpoints + will be dropped.) The default value, "Cluster", uses the + standard behavior of routing to all endpoints evenly (possibly + modified by topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from within the + cluster will always get "Cluster" semantics, but clients + sending to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + healthCheckNodePort: + description: healthCheckNodePort specifies the healthcheck + nodePort for the service. This only applies when type is + set to LoadBalancer and externalTrafficPolicy is set to + Local. If a value is specified, is in-range, and is not + in use, it will be used. If not specified, a value will + be automatically allocated. External systems (e.g. load-balancers) + can use this port to determine if a given node holds endpoints + for this service or not. If this field is specified when + creating a Service which does not need it, creation will + fail. This field will be wiped when updating a Service to + no longer need it (e.g. changing type). This field cannot + be updated once set. + format: int32 + type: integer + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes distribute + service traffic they receive on the ClusterIP. If set to + "Local", the proxy will assume that pods only want to talk + to endpoints of the service on the same node as the pod, + dropping the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified by topology + and other features). + type: string + ipFamilies: + description: "IPFamilies is a list of IP families (e.g. IPv4, + IPv6) assigned to this service. This field is usually assigned + automatically based on cluster configuration and the ipFamilyPolicy + field. If this field is specified manually, the requested + family is available in the cluster, and ipFamilyPolicy allows + it, it will be used; otherwise creation of the service will + fail. This field is conditionally mutable: it allows for + adding or removing a secondary IP family, but it does not + allow changing the primary IP family of the Service. Valid + values are \"IPv4\" and \"IPv6\". This field only applies + to Services of types ClusterIP, NodePort, and LoadBalancer, + and does apply to \"headless\" services. This field will + be wiped when updating a Service to type ExternalName. \n + This field may hold a maximum of two entries (dual-stack + families, in either order). These families must correspond + to the values of the clusterIPs field, if specified. Both + clusterIPs and ipFamilies are governed by the ipFamilyPolicy + field." + items: + description: IPFamily represents the IP Family (IPv4 or + IPv6). This type is used to express the family of an IP + expressed by a type (e.g. service.spec.ipFamilies). + type: string + type: array + x-kubernetes-list-type: atomic + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no value + provided, then this field will be set to SingleStack. Services + can be "SingleStack" (a single IP family), "PreferDualStack" + (two IP families on dual-stack configured clusters or a + single IP family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend on the + value of this field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load balancer + implementation this Service belongs to. If specified, the + value of this field must be a label-style identifier, with + an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This field + can only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation is + used, today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any default + load balancer implementation (e.g. cloud providers) should + ignore Services that set this field. This field can only + be set when creating or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will be wiped + when a service is updated to a non 'LoadBalancer' type. + type: string + loadBalancerIP: + description: 'Only applies to Service Type: LoadBalancer. + This feature depends on whether the underlying cloud-provider + supports specifying the loadBalancerIP when a load balancer + is created. This field will be ignored if the cloud-provider + does not support the feature. Deprecated: This field was + under-specified and its meaning varies across implementations. + Using it is non-portable and it may not support dual-stack. + Users are encouraged to use implementation-specific annotations + when available.' + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider load-balancer + will be restricted to the specified client IPs. This field + will be ignored if the cloud-provider does not support the + feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + ports: + description: 'The list of ports that are exposed by this service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + items: + description: ServicePort contains information on service's + port. + properties: + appProtocol: + description: "The application protocol for this port. + This is used as a hint for implementations to offer + richer behavior for protocols that they understand. + This field follows standard Kubernetes label syntax. + Valid values are either: \n * Un-prefixed protocol + names - reserved for IANA standard service names (as + per RFC-6335 and https://www.iana.org/assignments/service-names). + \n * Kubernetes-defined prefixed names: * 'kubernetes.io/h2c' + - HTTP/2 prior knowledge over cleartext as described + in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- + * 'kubernetes.io/ws' - WebSocket over cleartext as + described in https://www.rfc-editor.org/rfc/rfc6455 + * 'kubernetes.io/wss' - WebSocket over TLS as described + in https://www.rfc-editor.org/rfc/rfc6455 \n * Other + protocols should use implementation-defined prefixed + names such as mycompany.com/my-custom-protocol." + type: string + name: + description: The name of this port within the service. + This must be a DNS_LABEL. All ports within a ServiceSpec + must have unique names. When considering the endpoints + for a Service, this must match the 'name' field in + the EndpointPort. Optional if only one ServicePort + is defined on this service. + type: string + nodePort: + description: 'The port on each node on which this service + is exposed when type is NodePort or LoadBalancer. Usually + assigned by the system. If a value is specified, in-range, + and not in use it will be used, otherwise the operation + will fail. If not specified, a port will be allocated + if this Service requires one. If this field is specified + when creating a Service which does not need it, creation + will fail. This field will be wiped when updating + a Service to no longer need it (e.g. changing type + from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport' + format: int32 + type: integer + port: + description: The port that will be exposed by this service. + format: int32 + type: integer + protocol: + default: TCP + description: The IP protocol for this port. Supports + "TCP", "UDP", and "SCTP". Default is TCP. + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: 'Number or name of the port to access on + the pods targeted by the service. Number must be in + the range 1 to 65535. Name must be an IANA_SVC_NAME. + If this is a string, it will be looked up as a named + port in the target Pod''s container ports. If this + is not specified, the value of the ''port'' field + is used (an identity map). This field is ignored for + services with clusterIP=None, and should be omitted + or set equal to the ''port'' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service' + x-kubernetes-int-or-string: true + required: + - port + type: object + type: array + x-kubernetes-list-map-keys: + - port + - protocol + x-kubernetes-list-type: map + publishNotReadyAddresses: + description: publishNotReadyAddresses indicates that any agent + which deals with endpoints for this Service should disregard + any indications of ready/not-ready. The primary use case + for setting this field is for a StatefulSet's Headless Service + to propagate SRV DNS records for its Pods for the purpose + of peer discovery. The Kubernetes controllers that generate + Endpoints and EndpointSlice resources for Services interpret + this to mean that all endpoints are considered "ready" even + if the Pods themselves are not. Agents which consume only + Kubernetes generated endpoints through the Endpoints or + EndpointSlice resources can safely assume this behavior. + type: boolean + selector: + additionalProperties: + type: string + description: 'Route service traffic to pods with label keys + and values matching this selector. If empty or not present, + the service is assumed to have an external process managing + its endpoints, which Kubernetes will not modify. Only applies + to types ClusterIP, NodePort, and LoadBalancer. Ignored + if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/' + type: object + x-kubernetes-map-type: atomic + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to maintain + session affinity. Enable client IP based session affinity. + Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations of Client + IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, + NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal + IP address for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object or EndpointSlice + objects. If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of endpoints rather + than a virtual IP. "NodePort" builds on ClusterIP and allocates + a port on every node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds on NodePort and + creates an external load-balancer (if supported in the current + cloud) which routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the specified externalName. + Several other fields do not apply to ExternalName services. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + serviceAccount: + description: ServiceAccount sets how the ServiceAccount object should + look like with your grafana instance, contains a number of defaults. + properties: + automountServiceAccountToken: + type: boolean + imagePullSecrets: + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metadata: + description: ObjectMeta contains only a [subset of the fields + included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#objectmeta-v1-meta). + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + secrets: + items: + description: "ObjectReference contains enough information to + let you inspect or modify the referred object. --- New uses + of this type are discouraged because of difficulty describing + its usage when embedded in APIs. 1. Ignored fields. It includes + many fields which are not generally honored. For instance, + ResourceVersion and FieldPath are both very rarely valid in + actual usage. 2. Invalid usage help. It is impossible to + add specific help for individual usage. In most embedded + usages, there are particular restrictions like, \"must refer + only to types A and B\" or \"UID not honored\" or \"name must + be restricted\". Those cannot be well described when embedded. + 3. Inconsistent validation. Because the usages are different, + the validation rules are different by usage, which makes it + hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. In most cases, the dependency + is on the group,resource tuple and the version of the actual + struct is irrelevant. 5. We cannot easily change it. Because + this type is embedded in many locations, updates to this type + will affect numerous schemas. Don't make new APIs embed an + underspecified API type they do not control. \n Instead of + using this type, create a locally provided and used type that + is well-focused on your reference. For example, ServiceReferences + for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + type: object + type: object + status: + description: GrafanaStatus defines the observed state of Grafana + properties: + adminUrl: + type: string + dashboards: + items: + type: string + type: array + datasources: + items: + type: string + type: array + folders: + items: + type: string + type: array + lastMessage: + type: string + stage: + type: string + stageStatus: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + name: grafana-operator-controller-manager + namespace: grafana +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: grafana-operator-permissions +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - configmaps + - persistentvolumeclaims + - secrets + - serviceaccounts + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - grafana.integreatly.org + resources: + - grafanadashboards + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - grafana.integreatly.org + resources: + - grafanadashboards/finalizers + verbs: + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanadashboards/status + verbs: + - get + - patch + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanadatasources + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - grafana.integreatly.org + resources: + - grafanadatasources/finalizers + verbs: + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanadatasources/status + verbs: + - get + - patch + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanafolders + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - grafana.integreatly.org + resources: + - grafanafolders/finalizers + verbs: + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanafolders/status + verbs: + - get + - patch + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - grafana.integreatly.org + resources: + - grafanas/finalizers + verbs: + - update +- apiGroups: + - grafana.integreatly.org + resources: + - grafanas/status + verbs: + - get + - patch + - update +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - create + - delete + - get + - list + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: grafana-operator-permissions +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: grafana-operator-permissions +subjects: +- kind: ServiceAccount + name: grafana-operator-controller-manager + namespace: grafana +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: grafana-operator + name: grafana-operator-metrics-service + namespace: grafana +spec: + ports: + - name: metrics + port: 9090 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: grafana-operator + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: grafana-operator + name: grafana-operator-controller-manager + namespace: grafana +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: grafana-operator + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/name: grafana-operator + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=0.0.0.0:9090 + - --leader-elect + image: ghcr.io/grafana/grafana-operator:v5.6.3 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9090 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 20Mi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /tmp/dashboards + name: dashboards-dir + securityContext: + runAsNonRoot: true + serviceAccountName: grafana-operator-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - emptyDir: {} + name: dashboards-dir From 5847c007fb2454e95d0f617090031aa8b699d290 Mon Sep 17 00:00:00 2001 From: Wentao Zhang <35722712+whentojump@users.noreply.github.com> Date: Fri, 15 Mar 2024 12:53:20 -0500 Subject: [PATCH 32/38] Fix make clean (#359) --- Makefile | 2 +- acto/k8s_util/lib/Makefile | 4 ++-- ssa/Makefile | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 31f987b8d7..8dc5a69cd8 100644 --- a/Makefile +++ b/Makefile @@ -4,4 +4,4 @@ lib: clean: (cd acto/k8s_util/lib && make clean) - (cd ssa && make) \ No newline at end of file + (cd ssa && make clean) diff --git a/acto/k8s_util/lib/Makefile b/acto/k8s_util/lib/Makefile index 0244bb462d..ecf1efc6d0 100644 --- a/acto/k8s_util/lib/Makefile +++ b/acto/k8s_util/lib/Makefile @@ -3,5 +3,5 @@ k8sutil: gcc test.c -o test ./k8sutil.so clean: - rm ./k8sutil.so - rm ./test \ No newline at end of file + rm -f ./k8sutil.so + rm -f ./test diff --git a/ssa/Makefile b/ssa/Makefile index 19bdcc7e47..72b9566b42 100644 --- a/ssa/Makefile +++ b/ssa/Makefile @@ -4,4 +4,4 @@ analysis: go build -buildmode=c-shared -o libanalysis.so ssa.go clean: - rm ./analysis.so \ No newline at end of file + rm -f ./analysis.so From e86aa4aa9e7e8112c47271825b350239d335fb59 Mon Sep 17 00:00:00 2001 From: manvik-uiuc <143151501+manvik-uiuc@users.noreply.github.com> Date: Fri, 15 Mar 2024 12:56:44 -0500 Subject: [PATCH 33/38] Druid Porting Config to Acto (#353) * Create config.json * adding datainfra_druid-operator porting configurations --------- Co-authored-by: Manvik Nanda --- .../druid-operator-config.json | 28 + .../druid-operator-context.json | 10214 +++++++++++++ ...ruid-operator-druid.apache.org_druids.yaml | 12163 ++++++++++++++++ .../druid-operator-tiny-cluster-zk.yaml | 71 + .../druid-operator-tiny-cluster.yaml | 370 + 5 files changed, 22846 insertions(+) create mode 100644 data/dataInfra_druid-operator/druid-operator-config.json create mode 100755 data/dataInfra_druid-operator/druid-operator-context.json create mode 100644 data/dataInfra_druid-operator/druid-operator-druid.apache.org_druids.yaml create mode 100644 data/dataInfra_druid-operator/druid-operator-tiny-cluster-zk.yaml create mode 100644 data/dataInfra_druid-operator/druid-operator-tiny-cluster.yaml diff --git a/data/dataInfra_druid-operator/druid-operator-config.json b/data/dataInfra_druid-operator/druid-operator-config.json new file mode 100644 index 0000000000..e7baf082d4 --- /dev/null +++ b/data/dataInfra_druid-operator/druid-operator-config.json @@ -0,0 +1,28 @@ +{ + "deploy":{ + "steps":[ + { + "apply": { + "file": "/users/Manvik/workdir/acto/data/druid-operator/examples/tiny-cluster-zk.yaml", + "namespace": "druid-operator-system" + } + }, + { + "wait": { + "duration": 25 + } + }, + { + "apply": { + "file": "/users/Manvik/workdir/acto/data/druid-operator/manifest.yaml", + "namespace": "druid-operator-system", + "operator": true, + "operator_container_name": "manager" + } + } + ] + }, + "crd_name": "druids.druid.apache.org", + "seed_custom_resource": "/users/Manvik/workdir/acto/data/druid-operator/examples/tiny-cluster.yaml", + "example_dir": "/users/Manvik/workdir/acto/data/druid-operator/examples" +} diff --git a/data/dataInfra_druid-operator/druid-operator-context.json b/data/dataInfra_druid-operator/druid-operator-context.json new file mode 100755 index 0000000000..446b95a472 --- /dev/null +++ b/data/dataInfra_druid-operator/druid-operator-context.json @@ -0,0 +1,10214 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.11.2" + }, + "creationTimestamp": "2024-02-22T22:25:04Z", + "generation": 1, + "name": "druids.druid.apache.org", + "resourceVersion": "746", + "uid": "5457c277-8186-4cbc-9e4a-a999b626a052" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "druid.apache.org", + "names": { + "kind": "Druid", + "listKind": "DruidList", + "plural": "druids", + "singular": "druid" + }, + "scope": "Namespaced", + "versions": [ + { + "name": "v1alpha1", + "schema": { + "openAPIV3Schema": { + "description": "Druid is the Schema for the druids API.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "DruidSpec defines the desired state of the Druid cluster.", + "properties": { + "additionalContainer": { + "description": "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods.", + "items": { + "description": "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. (will be part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary).", + "properties": { + "args": { + "description": "Args Arguments to call the command.", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Command command for the additional container.", + "items": { + "type": "string" + }, + "type": "array" + }, + "containerName": { + "description": "ContainerName name of the additional container.", + "type": "string" + }, + "env": { + "description": "Env Environment variables for the additional container.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "EnvFrom Extra environment variables from remote source (ConfigMaps, Secrets...).", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Image Image of the additional container.", + "type": "string" + }, + "imagePullPolicy": { + "description": "ImagePullPolicy If not present, will be taken from top level spec.", + "type": "string" + }, + "resources": { + "description": "Resources Kubernetes Native `resources` specification.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "runAsInit": { + "description": "RunAsInit indicate whether this should be an init container.", + "type": "boolean" + }, + "securityContext": { + "description": "ContainerSecurityContext If not present, will be taken from top level pod.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "volumeMounts": { + "description": "VolumeMounts Kubernetes Native `VolumeMount` specification.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "command", + "containerName", + "image" + ], + "type": "object" + }, + "type": "array" + }, + "affinity": { + "description": "Affinity Kubernetes native `affinity` specification.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "common.runtime.properties": { + "description": "CommonRuntimeProperties Content fo the `common.runtime.properties` configuration file.", + "type": "string" + }, + "commonConfigMountPath": { + "default": "/opt/druid/conf/druid/cluster/_common", + "description": "CommonConfigMountPath In-container directory to mount the Druid common configuration", + "type": "string" + }, + "containerSecurityContext": { + "description": "ContainerSecurityContext", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "core-site.xml": { + "description": "CoreSite Contents of `core-site.xml`.", + "type": "string" + }, + "deepStorage": { + "description": "DeepStorage IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator.", + "properties": { + "spec": { + "description": "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding.", + "format": "byte", + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "spec", + "type" + ], + "type": "object" + }, + "defaultProbes": { + "default": true, + "description": "DefaultProbes If set to true this will add default probes (liveness / readiness / startup) for all druid components but it won't override existing probes", + "type": "boolean" + }, + "deleteOrphanPvc": { + "default": true, + "description": "DeleteOrphanPvc Orphaned (unmounted PVCs) shall be cleaned up by the operator.", + "type": "boolean" + }, + "disablePVCDeletionFinalizer": { + "default": false, + "description": "DisablePVCDeletionFinalizer Whether PVCs shall be deleted on the deletion of the Druid cluster.", + "type": "boolean" + }, + "env": { + "description": "Env Environment variables for druid containers.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "EnvFrom Extra environment variables from remote source (ConfigMaps, Secrets...).", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "extraCommonConfig": { + "description": "ExtraCommonConfig References to ConfigMaps holding more configuration files to mount to the common configuration path.", + "items": { + "description": "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "fieldPath": { + "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.", + "type": "string" + }, + "kind": { + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "type": "string" + }, + "resourceVersion": { + "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "uid": { + "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "forceDeleteStsPodOnError": { + "default": true, + "description": "ForceDeleteStsPodOnError Delete the StatefulSet's pods if the StatefulSet is set to ordered ready. issue: https://github.com/kubernetes/kubernetes/issues/67250 doc: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback", + "type": "boolean" + }, + "hdfs-site.xml": { + "description": "HdfsSite Contents of `hdfs-site.xml`.", + "type": "string" + }, + "ignored": { + "default": false, + "description": "Ignored is now deprecated API. In order to avoid reconciliation of objects use the `druid.apache.org/ignored: \"true\"` annotation.", + "type": "boolean" + }, + "image": { + "description": "Image Required here or at the NodeSpec level.", + "type": "string" + }, + "imagePullPolicy": { + "default": "IfNotPresent", + "description": "ImagePullPolicy", + "type": "string" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets", + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "jvm.options": { + "description": "JvmOptions Contents of the shared `jvm.options` configuration file for druid JVM processes.", + "type": "string" + }, + "livenessProbe": { + "description": "LivenessProbe Port is set to `druid.port` if not specified with httpGet handler.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "log4j.config": { + "description": "Log4jConfig contents `log4j.config` configuration file.", + "type": "string" + }, + "metadataStore": { + "description": "MetadataStore IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator.", + "properties": { + "spec": { + "description": "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding.", + "format": "byte", + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "spec", + "type" + ], + "type": "object" + }, + "metricDimensions.json": { + "description": "DimensionsMapPath Custom Dimension Map Path for statsd emitter. stastd documentation is described in the following documentation: https://druid.apache.org/docs/latest/development/extensions-contrib/statsd.html", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector Kubernetes native `nodeSelector` specification.", + "type": "object" + }, + "nodes": { + "additionalProperties": { + "description": "DruidNodeSpec Specification of `Druid` Node type and its configurations. The key in following map can be arbitrary string that helps you identify resources for a specific nodeSpec. It is used in the Kubernetes resources' names, so it must be compliant with restrictions placed on Kubernetes resource names: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/", + "properties": { + "additionalContainer": { + "description": "Operator deploys the sidecar container based on these properties.", + "items": { + "description": "AdditionalContainer defines additional sidecar containers to be deployed with the `Druid` pods. (will be part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary).", + "properties": { + "args": { + "description": "Args Arguments to call the command.", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Command command for the additional container.", + "items": { + "type": "string" + }, + "type": "array" + }, + "containerName": { + "description": "ContainerName name of the additional container.", + "type": "string" + }, + "env": { + "description": "Env Environment variables for the additional container.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "EnvFrom Extra environment variables from remote source (ConfigMaps, Secrets...).", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Image Image of the additional container.", + "type": "string" + }, + "imagePullPolicy": { + "description": "ImagePullPolicy If not present, will be taken from top level spec.", + "type": "string" + }, + "resources": { + "description": "Resources Kubernetes Native `resources` specification.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "runAsInit": { + "description": "RunAsInit indicate whether this should be an init container.", + "type": "boolean" + }, + "securityContext": { + "description": "ContainerSecurityContext If not present, will be taken from top level pod.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "volumeMounts": { + "description": "VolumeMounts Kubernetes Native `VolumeMount` specification.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "command", + "containerName", + "image" + ], + "type": "object" + }, + "type": "array" + }, + "affinity": { + "description": "Affinity Kubernetes native `affinity` specification.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "containerSecurityContext": { + "description": "ContainerSecurityContext", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "druid.port": { + "description": "DruidPort Used by the `Druid` process.", + "format": "int32", + "type": "integer" + }, + "env": { + "description": "Env Environment variables for druid containers.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "EnvFrom Extra environment variables from remote source (ConfigMaps, Secrets...).", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "extra.jvm.options": { + "description": "ExtraJvmOptions Appends extra jvm options to the `JvmOptions` field.", + "type": "string" + }, + "hpAutoscaler": { + "description": "HPAutoScaler Kubernetes Native `HorizontalPodAutoscaler` specification.", + "properties": { + "behavior": { + "description": "behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). If not set, the default HPAScalingRules for scale up and scale down are used.", + "properties": { + "scaleDown": { + "description": "scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used).", + "properties": { + "policies": { + "description": "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid", + "items": { + "description": "HPAScalingPolicy is a single policy which must hold true for a specified past interval.", + "properties": { + "periodSeconds": { + "description": "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).", + "format": "int32", + "type": "integer" + }, + "type": { + "description": "type is used to specify the scaling policy.", + "type": "string" + }, + "value": { + "description": "value contains the amount of change which is permitted by the policy. It must be greater than zero", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "periodSeconds", + "type", + "value" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "selectPolicy": { + "description": "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used.", + "type": "string" + }, + "stabilizationWindowSeconds": { + "description": "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "scaleUp": { + "description": "scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of: * increase no more than 4 pods per 60 seconds * double the number of pods per 60 seconds No stabilization is used.", + "properties": { + "policies": { + "description": "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid", + "items": { + "description": "HPAScalingPolicy is a single policy which must hold true for a specified past interval.", + "properties": { + "periodSeconds": { + "description": "periodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).", + "format": "int32", + "type": "integer" + }, + "type": { + "description": "type is used to specify the scaling policy.", + "type": "string" + }, + "value": { + "description": "value contains the amount of change which is permitted by the policy. It must be greater than zero", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "periodSeconds", + "type", + "value" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "selectPolicy": { + "description": "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used.", + "type": "string" + }, + "stabilizationWindowSeconds": { + "description": "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "maxReplicas": { + "description": "maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.", + "format": "int32", + "type": "integer" + }, + "metrics": { + "description": "metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization.", + "items": { + "description": "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).", + "properties": { + "containerResource": { + "description": "containerResource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing a single container in each pod of the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source. This is an alpha feature and can be enabled by the HPAContainerMetrics feature flag.", + "properties": { + "container": { + "description": "container is the name of the container in the pods of the scaling target", + "type": "string" + }, + "name": { + "description": "name is the name of the resource in question.", + "type": "string" + }, + "target": { + "description": "target specifies the target value for the given metric", + "properties": { + "averageUtilization": { + "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": { + "description": "type represents whether the metric type is Utilization, Value, or AverageValue", + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "value is the target value of the metric (as a quantity).", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "required": [ + "container", + "name", + "target" + ], + "type": "object" + }, + "external": { + "description": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).", + "properties": { + "metric": { + "description": "metric identifies the target metric by name and selector", + "properties": { + "name": { + "description": "name is the name of the given metric", + "type": "string" + }, + "selector": { + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "target": { + "description": "target specifies the target value for the given metric", + "properties": { + "averageUtilization": { + "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": { + "description": "type represents whether the metric type is Utilization, Value, or AverageValue", + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "value is the target value of the metric (as a quantity).", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "required": [ + "metric", + "target" + ], + "type": "object" + }, + "object": { + "description": "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).", + "properties": { + "describedObject": { + "description": "describedObject specifies the descriptions of a object,such as kind,name apiVersion", + "properties": { + "apiVersion": { + "description": "apiVersion is the API version of the referent", + "type": "string" + }, + "kind": { + "description": "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "metric": { + "description": "metric identifies the target metric by name and selector", + "properties": { + "name": { + "description": "name is the name of the given metric", + "type": "string" + }, + "selector": { + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "target": { + "description": "target specifies the target value for the given metric", + "properties": { + "averageUtilization": { + "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": { + "description": "type represents whether the metric type is Utilization, Value, or AverageValue", + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "value is the target value of the metric (as a quantity).", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "required": [ + "describedObject", + "metric", + "target" + ], + "type": "object" + }, + "pods": { + "description": "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.", + "properties": { + "metric": { + "description": "metric identifies the target metric by name and selector", + "properties": { + "name": { + "description": "name is the name of the given metric", + "type": "string" + }, + "selector": { + "description": "selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "target": { + "description": "target specifies the target value for the given metric", + "properties": { + "averageUtilization": { + "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": { + "description": "type represents whether the metric type is Utilization, Value, or AverageValue", + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "value is the target value of the metric (as a quantity).", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "required": [ + "metric", + "target" + ], + "type": "object" + }, + "resource": { + "description": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.", + "properties": { + "name": { + "description": "name is the name of the resource in question.", + "type": "string" + }, + "target": { + "description": "target specifies the target value for the given metric", + "properties": { + "averageUtilization": { + "description": "averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type", + "format": "int32", + "type": "integer" + }, + "averageValue": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "averageValue is the target value of the average of the metric across all relevant pods (as a quantity)", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": { + "description": "type represents whether the metric type is Utilization, Value, or AverageValue", + "type": "string" + }, + "value": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "value is the target value of the metric (as a quantity).", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "type" + ], + "type": "object" + } + }, + "required": [ + "name", + "target" + ], + "type": "object" + }, + "type": { + "description": "type is the type of metric source. It should be one of \"ContainerResource\", \"External\", \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object. Note: \"ContainerResource\" type is available on when the feature-gate HPAContainerMetrics is enabled", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "minReplicas": { + "description": "minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available.", + "format": "int32", + "type": "integer" + }, + "scaleTargetRef": { + "description": "scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count.", + "properties": { + "apiVersion": { + "description": "apiVersion is the API version of the referent", + "type": "string" + }, + "kind": { + "description": "kind is the kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "name is the name of the referent; More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + } + }, + "required": [ + "maxReplicas", + "scaleTargetRef" + ], + "type": "object" + }, + "image": { + "description": "Image Overrides image from top level, Required if no image specified at top level.", + "type": "string" + }, + "imagePullPolicy": { + "description": "ImagePullPolicy Overrides `imagePullPolicy` from top level.", + "type": "string" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets Overrides `imagePullSecrets` from top level.", + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "ingress": { + "description": "Ingress Kubernetes Native `Ingress` specification.", + "properties": { + "defaultBackend": { + "description": "defaultBackend is the backend that should handle requests that don't match any rule. If Rules are not specified, DefaultBackend must be specified. If DefaultBackend is not set, the handling of requests that do not match any of the rules will be up to the Ingress controller.", + "properties": { + "resource": { + "description": "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\".", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "service": { + "description": "service references a service as a backend. This is a mutually exclusive setting with \"Resource\".", + "properties": { + "name": { + "description": "name is the referenced service. The service must exist in the same namespace as the Ingress object.", + "type": "string" + }, + "port": { + "description": "port of the referenced service. A port name or port number is required for a IngressServiceBackend.", + "properties": { + "name": { + "description": "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", + "type": "string" + }, + "number": { + "description": "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "ingressClassName": { + "description": "ingressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present.", + "type": "string" + }, + "rules": { + "description": "rules is a list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.", + "items": { + "description": "IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.", + "properties": { + "host": { + "description": "host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the \"host\" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The `:` delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue. \n host can be \"precise\" which is a domain name without the terminating dot of a network host (e.g. \"foo.bar.com\") or \"wildcard\", which is a domain name prefixed with a single wildcard label (e.g. \"*.foo.com\"). The wildcard character '*' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == \"*\"). Requests will be matched against the Host field in the following way: 1. If host is precise, the request matches this rule if the http host header is equal to Host. 2. If host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule.", + "type": "string" + }, + "http": { + "description": "HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http:///? -> backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.", + "properties": { + "paths": { + "description": "paths is a collection of paths that map requests to backends.", + "items": { + "description": "HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.", + "properties": { + "backend": { + "description": "backend defines the referenced service endpoint to which the traffic will be forwarded to.", + "properties": { + "resource": { + "description": "resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with \"Service\".", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "service": { + "description": "service references a service as a backend. This is a mutually exclusive setting with \"Resource\".", + "properties": { + "name": { + "description": "name is the referenced service. The service must exist in the same namespace as the Ingress object.", + "type": "string" + }, + "port": { + "description": "port of the referenced service. A port name or port number is required for a IngressServiceBackend.", + "properties": { + "name": { + "description": "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".", + "type": "string" + }, + "number": { + "description": "number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with \"Name\".", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "type": "object" + }, + "path": { + "description": "path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional \"path\" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value \"Exact\" or \"Prefix\".", + "type": "string" + }, + "pathType": { + "description": "pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element basis. A path element refers is the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the request path. Note that if the last element of the path is a substring of the last element in request path, it is not a match (e.g. /foo/bar matches /foo/bar/baz, but does not match /foo/barbaz). * ImplementationSpecific: Interpretation of the Path matching is up to the IngressClass. Implementations can treat this as a separate PathType or treat it identically to Prefix or Exact path types. Implementations are required to support all path types.", + "type": "string" + } + }, + "required": [ + "backend", + "pathType" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "paths" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "tls": { + "description": "tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", + "items": { + "description": "IngressTLS describes the transport layer security associated with an ingress.", + "properties": { + "hosts": { + "description": "hosts is a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "secretName": { + "description": "secretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the \"Host\" header field used by an IngressRule, the SNI host is used for termination and value of the \"Host\" header is used for routing.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + }, + "ingressAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "IngressAnnotations `Ingress` annotations to be populated in ingress spec.", + "type": "object" + }, + "jvm.options": { + "description": "JvmOptions overrides `JvmOptions` at top level.", + "type": "string" + }, + "kind": { + "default": "StatefulSet", + "description": "Kind Can be StatefulSet or Deployment. Note: volumeClaimTemplates are ignored when kind=Deployment", + "type": "string" + }, + "lifecycle": { + "description": "Lifecycle", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "LivenessProbe Port is set to `druid.port` if not specified with httpGet handler.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "log4j.config": { + "description": "Log4jConfig Overrides `Log4jConfig` at top level.", + "type": "string" + }, + "maxSurge": { + "description": "MaxSurge For Deployment object only. Set to 25% by default.", + "format": "int32", + "type": "integer" + }, + "maxUnavailable": { + "description": "MaxUnavailable For deployment object only. Set to 25% by default", + "format": "int32", + "type": "integer" + }, + "nodeConfigMountPath": { + "description": "NodeConfigMountPath in-container directory to mount with runtime.properties, jvm.config, log4j2.xml files.", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector Kubernetes native `nodeSelector` specification.", + "type": "object" + }, + "nodeType": { + "description": "NodeDruid `Druid` node type.", + "enum": [ + "historical", + "overlord", + "middleManager", + "indexer", + "broker", + "coordinator", + "router" + ], + "type": "string" + }, + "persistentVolumeClaim": { + "description": "VolumeClaimTemplates Kubernetes Native `VolumeClaimTemplate` specification.", + "items": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "capacity represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "description": "PersistentVolumeClaimCondition contains details about state of pvc", + "properties": { + "lastProbeTime": { + "description": "lastProbeTime is the time we probed the condition.", + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "description": "lastTransitionTime is the time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is the human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + }, + "resizeStatus": { + "description": "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "podAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "PodAnnotations Custom annotation to be populated in the workload's pods.", + "type": "object" + }, + "podDisruptionBudgetSpec": { + "description": "PodDisruptionBudgetSpec Kubernetes native `podDisruptionBudget` specification.", + "properties": { + "maxUnavailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "An eviction is allowed if at most \"maxUnavailable\" pods selected by \"selector\" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\".", + "x-kubernetes-int-or-string": true + }, + "minAvailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying \"100%\".", + "x-kubernetes-int-or-string": true + }, + "selector": { + "description": "Label query over pods whose evictions are managed by the disruption budget. A null selector will match no pods, while an empty ({}) selector will select all pods within the namespace.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "unhealthyPodEvictionPolicy": { + "description": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\". \n Valid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy. \n IfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction. \n AlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction. \n Additional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field. \n This field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).", + "type": "string" + } + }, + "type": "object" + }, + "podLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "PodLabels Custom labels to be populated in the workload's pods.", + "type": "object" + }, + "podManagementPolicy": { + "default": "Parallel", + "description": "PodManagementPolicy", + "type": "string" + }, + "ports": { + "description": "Ports Extra ports to be added to pod spec.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array" + }, + "priorityClassName": { + "description": "PriorityClassName Kubernetes native `priorityClassName` specification.", + "type": "string" + }, + "readinessProbe": { + "description": "ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "replicas": { + "description": "Replicas replica of the workload", + "format": "int32", + "minimum": 0, + "type": "integer" + }, + "resources": { + "description": "Resources Kubernetes Native `resources` specification.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "runtime.properties": { + "description": "RuntimeProperties Additional runtime configuration for the specific workload.", + "type": "string" + }, + "securityContext": { + "description": "PodSecurityContext Overrides `securityContext` at top level.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "services": { + "description": "Services Overrides services at top level.", + "items": { + "description": "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "allocateLoadBalancerNodePorts": { + "description": "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.", + "type": "boolean" + }, + "clusterIP": { + "description": "clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "clusterIPs": { + "description": "ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. \n This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "externalIPs": { + "description": "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", + "items": { + "type": "string" + }, + "type": "array" + }, + "externalName": { + "description": "externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\".", + "type": "string" + }, + "externalTrafficPolicy": { + "description": "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.", + "type": "string" + }, + "healthCheckNodePort": { + "description": "healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.", + "format": "int32", + "type": "integer" + }, + "internalTrafficPolicy": { + "description": "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).", + "type": "string" + }, + "ipFamilies": { + "description": "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName. \n This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.", + "items": { + "description": "IPFamily represents the IP Family (IPv4 or IPv6). This type is used to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies).", + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "ipFamilyPolicy": { + "description": "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.", + "type": "string" + }, + "loadBalancerClass": { + "description": "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.", + "type": "string" + }, + "loadBalancerIP": { + "description": "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version.", + "type": "string" + }, + "loadBalancerSourceRanges": { + "description": "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", + "items": { + "type": "string" + }, + "type": "array" + }, + "ports": { + "description": "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "description": "ServicePort contains information on service's port.", + "properties": { + "appProtocol": { + "description": "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + "type": "string" + }, + "name": { + "description": "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service.", + "type": "string" + }, + "nodePort": { + "description": "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport", + "format": "int32", + "type": "integer" + }, + "port": { + "description": "The port that will be exposed by this service.", + "format": "int32", + "type": "integer" + }, + "protocol": { + "default": "TCP", + "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.", + "type": "string" + }, + "targetPort": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "port", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "publishNotReadyAddresses": { + "description": "publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior.", + "type": "boolean" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sessionAffinity": { + "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "sessionAffinityConfig": { + "description": "sessionAffinityConfig contains the configurations of session affinity.", + "properties": { + "clientIP": { + "description": "clientIP contains the configurations of Client IP based session affinity.", + "properties": { + "timeoutSeconds": { + "description": "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "conditions": { + "description": "Current service state", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition. This may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "loadBalancer": { + "description": "LoadBalancer contains the current status of the load-balancer, if one is present.", + "properties": { + "ingress": { + "description": "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", + "items": { + "description": "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.", + "properties": { + "hostname": { + "description": "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)", + "type": "string" + }, + "ip": { + "description": "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)", + "type": "string" + }, + "ports": { + "description": "Ports is a list of records of service ports If used, every port defined in the service should have an entry in it", + "items": { + "properties": { + "error": { + "description": "Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + }, + "port": { + "description": "Port is the port number of the service port of which status is recorded here", + "format": "int32", + "type": "integer" + }, + "protocol": { + "default": "TCP", + "description": "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"", + "type": "string" + } + }, + "required": [ + "port", + "protocol" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "startUpProbe": { + "description": "StartUpProbe", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "TerminationGracePeriodSeconds", + "format": "int64", + "type": "integer" + }, + "tolerations": { + "description": "Tolerations Kubernetes native `tolerations` specification.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "description": "TopologySpreadConstraints Kubernetes Native `topologySpreadConstraints` specification.", + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "minDomains": { + "description": "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + "format": "int32", + "type": "integer" + }, + "nodeAffinityPolicy": { + "description": "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "nodeTaintsPolicy": { + "description": "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + }, + "updateStrategy": { + "description": "UpdateStrategy", + "properties": { + "rollingUpdate": { + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", + "properties": { + "maxUnavailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable.", + "x-kubernetes-int-or-string": true + }, + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "volumeClaimTemplates": { + "description": "VolumeClaimTemplates Kubernetes Native `volumeClaimTemplates` specification.", + "items": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "capacity represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "description": "PersistentVolumeClaimCondition contains details about state of pvc", + "properties": { + "lastProbeTime": { + "description": "lastProbeTime is the time we probed the condition.", + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "description": "lastTransitionTime is the time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is the human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + }, + "resizeStatus": { + "description": "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "VolumeMounts Kubernetes Native `volumeMounts` specification.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumes": { + "description": "Volumes Kubernetes Native `volumes` specification.", + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "druid.port", + "nodeConfigMountPath", + "nodeType", + "runtime.properties" + ], + "type": "object" + }, + "description": "Nodes a list of `Druid` Node types and their configurations. `DruidSpec` is used to create Kubernetes workload specs. Many of the fields above can be overridden at the specific `NodeSpec` level.", + "type": "object" + }, + "podAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "PodAnnotations Custom annotations to be populated in `Druid` pods.", + "type": "object" + }, + "podLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "PodLabels Custom labels to be populated in `Druid` pods.", + "type": "object" + }, + "podManagementPolicy": { + "default": "Parallel", + "description": "PodManagementPolicy", + "type": "string" + }, + "priorityClassName": { + "description": "PriorityClassName Kubernetes native `priorityClassName` specification.", + "type": "string" + }, + "readinessProbe": { + "description": "ReadinessProbe Port is set to `druid.port` if not specified with httpGet handler.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "rollingDeploy": { + "default": true, + "description": "RollingDeploy Whether to deploy the components in a rolling update as described in the documentation: https://druid.apache.org/docs/latest/operations/rolling-updates.html If set to true then operator checks the rollout status of previous version workloads before updating the next. This will be done only for update actions.", + "type": "boolean" + }, + "scalePvcSts": { + "default": false, + "description": "ScalePvcSts When enabled, operator will allow volume expansion of StatefulSet's PVCs.", + "type": "boolean" + }, + "securityContext": { + "description": "PodSecurityContext", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccount": { + "description": "ServiceAccount", + "type": "string" + }, + "services": { + "description": "Services Kubernetes services to be created for each workload.", + "items": { + "description": "Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "allocateLoadBalancerNodePorts": { + "description": "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.", + "type": "boolean" + }, + "clusterIP": { + "description": "clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "clusterIPs": { + "description": "ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are \"None\", empty string (\"\"), or a valid IP address. Setting this to \"None\" makes a \"headless service\" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. \n This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "externalIPs": { + "description": "externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.", + "items": { + "type": "string" + }, + "type": "array" + }, + "externalName": { + "description": "externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be \"ExternalName\".", + "type": "string" + }, + "externalTrafficPolicy": { + "description": "externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's \"externally-facing\" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to \"Local\", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get \"Cluster\" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.", + "type": "string" + }, + "healthCheckNodePort": { + "description": "healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.", + "format": "int32", + "type": "integer" + }, + "internalTrafficPolicy": { + "description": "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).", + "type": "string" + }, + "ipFamilies": { + "description": "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are \"IPv4\" and \"IPv6\". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to \"headless\" services. This field will be wiped when updating a Service to type ExternalName. \n This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.", + "items": { + "description": "IPFamily represents the IP Family (IPv4 or IPv6). This type is used to express the family of an IP expressed by a type (e.g. service.spec.ipFamilies).", + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "ipFamilyPolicy": { + "description": "IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be \"SingleStack\" (a single IP family), \"PreferDualStack\" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or \"RequireDualStack\" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.", + "type": "string" + }, + "loadBalancerClass": { + "description": "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.", + "type": "string" + }, + "loadBalancerIP": { + "description": "Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version.", + "type": "string" + }, + "loadBalancerSourceRanges": { + "description": "If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.\" More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/", + "items": { + "type": "string" + }, + "type": "array" + }, + "ports": { + "description": "The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "items": { + "description": "ServicePort contains information on service's port.", + "properties": { + "appProtocol": { + "description": "The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.", + "type": "string" + }, + "name": { + "description": "The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service.", + "type": "string" + }, + "nodePort": { + "description": "The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport", + "format": "int32", + "type": "integer" + }, + "port": { + "description": "The port that will be exposed by this service.", + "format": "int32", + "type": "integer" + }, + "protocol": { + "default": "TCP", + "description": "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\". Default is TCP.", + "type": "string" + }, + "targetPort": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "port", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "publishNotReadyAddresses": { + "description": "publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered \"ready\" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior.", + "type": "boolean" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sessionAffinity": { + "description": "Supports \"ClientIP\" and \"None\". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies", + "type": "string" + }, + "sessionAffinityConfig": { + "description": "sessionAffinityConfig contains the configurations of session affinity.", + "properties": { + "clientIP": { + "description": "clientIP contains the configurations of Client IP based session affinity.", + "properties": { + "timeoutSeconds": { + "description": "timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == \"ClientIP\". Default value is 10800(for 3 hours).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": { + "description": "type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. \"ClusterIP\" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is \"None\", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. \"NodePort\" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. \"LoadBalancer\" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. \"ExternalName\" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "Most recently observed status of the service. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "conditions": { + "description": "Current service state", + "items": { + "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition. This may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "loadBalancer": { + "description": "LoadBalancer contains the current status of the load-balancer, if one is present.", + "properties": { + "ingress": { + "description": "Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.", + "items": { + "description": "LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.", + "properties": { + "hostname": { + "description": "Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)", + "type": "string" + }, + "ip": { + "description": "IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)", + "type": "string" + }, + "ports": { + "description": "Ports is a list of records of service ports If used, every port defined in the service should have an entry in it", + "items": { + "properties": { + "error": { + "description": "Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + }, + "port": { + "description": "Port is the port number of the service port of which status is recorded here", + "format": "int32", + "type": "integer" + }, + "protocol": { + "default": "TCP", + "description": "Protocol is the protocol of the service port of which status is recorded here The supported values are: \"TCP\", \"UDP\", \"SCTP\"", + "type": "string" + } + }, + "required": [ + "port", + "protocol" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "startScript": { + "default": "/druid.sh", + "description": "StartScript Path to Druid's start script to be run on start.", + "type": "string" + }, + "startUpProbe": { + "description": "StartUpProbe", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "tolerations": { + "description": "Tolerations Kubernetes native `tolerations` specification.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "updateStrategy": { + "description": "UpdateStrategy", + "properties": { + "rollingUpdate": { + "description": "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.", + "properties": { + "maxUnavailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding up. This can not be 0. Defaults to 1. This field is alpha-level and is only honored by servers that enable the MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it will be counted towards MaxUnavailable.", + "x-kubernetes-int-or-string": true + }, + "partition": { + "description": "Partition indicates the ordinal at which the StatefulSet should be partitioned for updates. During a rolling update, all pods from ordinal Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. This is helpful in being able to do a canary based deployment. The default value is 0.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "type": { + "description": "Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.", + "type": "string" + } + }, + "type": "object" + }, + "volumeClaimTemplates": { + "description": "VolumeClaimTemplates Kubernetes Native `VolumeClaimTemplate` specification.", + "items": { + "description": "PersistentVolumeClaim is a user's request for and claim to a persistent volume", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "status": { + "description": "status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "accessModes": { + "description": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "allocatedResources": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "object" + }, + "capacity": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "capacity represents the actual resources of the underlying volume.", + "type": "object" + }, + "conditions": { + "description": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.", + "items": { + "description": "PersistentVolumeClaimCondition contains details about state of pvc", + "properties": { + "lastProbeTime": { + "description": "lastProbeTime is the time we probed the condition.", + "format": "date-time", + "type": "string" + }, + "lastTransitionTime": { + "description": "lastTransitionTime is the time the condition transitioned from one status to another.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is the human-readable message indicating details about last transition.", + "type": "string" + }, + "reason": { + "description": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.", + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "description": "PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type", + "type": "string" + } + }, + "required": [ + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "phase": { + "description": "phase represents the current phase of PersistentVolumeClaim.", + "type": "string" + }, + "resizeStatus": { + "description": "resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "VolumeMounts Kubernetes Native `VolumeMount` specification.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumes": { + "description": "Volumes Kubernetes Native `Volumes` specification.", + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "zookeeper": { + "description": "Zookeeper IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator.", + "properties": { + "spec": { + "description": "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding.", + "format": "byte", + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "spec", + "type" + ], + "type": "object" + } + }, + "required": [ + "common.runtime.properties", + "nodes" + ], + "type": "object" + }, + "status": { + "description": "DruidClusterStatus Defines the observed state of Druid.", + "properties": { + "configMaps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "deployments": { + "items": { + "type": "string" + }, + "type": "array" + }, + "druidNodeStatus": { + "description": "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"make\" to regenerate code after modifying this file", + "properties": { + "druidNode": { + "type": "string" + }, + "druidNodeConditionStatus": { + "type": "string" + }, + "druidNodeConditionType": { + "type": "string" + }, + "reason": { + "type": "string" + } + }, + "type": "object" + }, + "hpAutoscalers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ingress": { + "items": { + "type": "string" + }, + "type": "array" + }, + "persistentVolumeClaims": { + "items": { + "type": "string" + }, + "type": "array" + }, + "podDisruptionBudgets": { + "items": { + "type": "string" + }, + "type": "array" + }, + "pods": { + "items": { + "type": "string" + }, + "type": "array" + }, + "services": { + "items": { + "type": "string" + }, + "type": "array" + }, + "statefulSets": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "Druid", + "listKind": "DruidList", + "plural": "druids", + "singular": "druid" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-22T22:25:04Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-22T22:25:05Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1alpha1" + ] + } + }, + "group": "druid.apache.org", + "plural": "druids", + "version": "v1alpha1" + }, + "learnrun_time": 373.00891065597534, + "namespace": "druid-operator-system", + "preload_images": [ + "docker.io/library/zookeeper:3.7.0", + "docker.io/datainfrahq/druid-operator:v1.2.3", + "gcr.io/kubebuilder/kube-rbac-proxy:v0.13.1", + "docker.io/apache/druid:25.0.0" + ], + "static_analysis_time": 1.1682510375976562e-05 +} \ No newline at end of file diff --git a/data/dataInfra_druid-operator/druid-operator-druid.apache.org_druids.yaml b/data/dataInfra_druid-operator/druid-operator-druid.apache.org_druids.yaml new file mode 100644 index 0000000000..d3c73c7dec --- /dev/null +++ b/data/dataInfra_druid-operator/druid-operator-druid.apache.org_druids.yaml @@ -0,0 +1,12163 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.2 + creationTimestamp: null + name: druids.druid.apache.org +spec: + group: druid.apache.org + names: + kind: Druid + listKind: DruidList + plural: druids + singular: druid + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Druid is the Schema for the druids API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DruidSpec defines the desired state of the Druid cluster. + properties: + additionalContainer: + description: AdditionalContainer defines additional sidecar containers + to be deployed with the `Druid` pods. + items: + description: 'AdditionalContainer defines additional sidecar containers + to be deployed with the `Druid` pods. (will be part of Kubernetes + native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary).' + properties: + args: + description: Args Arguments to call the command. + items: + type: string + type: array + command: + description: Command command for the additional container. + items: + type: string + type: array + containerName: + description: ContainerName name of the additional container. + type: string + env: + description: Env Environment variables for the additional container. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom Extra environment variables from remote + source (ConfigMaps, Secrets...). + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image Image of the additional container. + type: string + imagePullPolicy: + description: ImagePullPolicy If not present, will be taken from + top level spec. + type: string + resources: + description: Resources Kubernetes Native `resources` specification. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + runAsInit: + description: RunAsInit indicate whether this should be an init + container. + type: boolean + securityContext: + description: ContainerSecurityContext If not present, will be + taken from top level pod. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + volumeMounts: + description: VolumeMounts Kubernetes Native `VolumeMount` specification. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + required: + - command + - containerName + - image + type: object + type: array + affinity: + description: Affinity Kubernetes native `affinity` specification. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + common.runtime.properties: + description: CommonRuntimeProperties Content fo the `common.runtime.properties` + configuration file. + type: string + commonConfigMountPath: + default: /opt/druid/conf/druid/cluster/_common + description: CommonConfigMountPath In-container directory to mount + the Druid common configuration + type: string + containerSecurityContext: + description: ContainerSecurityContext + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a process + can gain more privileges than its parent process. This bool + directly controls if the no_new_privs flag will be set on the + container process. AllowPrivilegeEscalation is true always when + the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container + runtime. Note that this field cannot be set when spec.os.name + is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in privileged + containers are essentially equivalent to root on the host. Defaults + to false. Note that this field cannot be set when spec.os.name + is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use for + the containers. The default is DefaultProcMount which uses the + container runtime defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. Note that this field cannot be set when spec.os.name + is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies to + the container. + type: string + role: + description: Role is a SELinux role label that applies to + the container. + type: string + type: + description: Type is a SELinux type label that applies to + the container. + type: string + user: + description: User is a SELinux user label that applies to + the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. If + seccomp options are provided at both the pod & container level, + the container options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile must be + preconfigured on the node to work. Must be a descending + path, relative to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - a profile + defined in a file on the node should be used. RuntimeDefault + - the container runtime default profile should be used. + Unconfined - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will + be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is alpha-level + and will only be honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature flag + will result in errors when validating the Pod. All of a + Pod's containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, if HostProcess + is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: string + type: object + type: object + core-site.xml: + description: CoreSite Contents of `core-site.xml`. + type: string + deepStorage: + description: 'DeepStorage IGNORED (Future API): In order to make Druid + dependency setup extensible from within Druid operator.' + properties: + spec: + description: RawMessage is a raw encoded JSON value. It implements + Marshaler and Unmarshaler and can be used to delay JSON decoding + or precompute a JSON encoding. + format: byte + type: string + type: + type: string + required: + - spec + - type + type: object + defaultProbes: + default: true + description: DefaultProbes If set to true this will add default probes + (liveness / readiness / startup) for all druid components but it + won't override existing probes + type: boolean + deleteOrphanPvc: + default: true + description: DeleteOrphanPvc Orphaned (unmounted PVCs) shall be cleaned + up by the operator. + type: boolean + disablePVCDeletionFinalizer: + default: false + description: DisablePVCDeletionFinalizer Whether PVCs shall be deleted + on the deletion of the Druid cluster. + type: boolean + env: + description: Env Environment variables for druid containers. + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom Extra environment variables from remote source + (ConfigMaps, Secrets...). + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + extraCommonConfig: + description: ExtraCommonConfig References to ConfigMaps holding more + configuration files to mount to the common configuration path. + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. --- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + forceDeleteStsPodOnError: + default: true + description: 'ForceDeleteStsPodOnError Delete the StatefulSet''s pods + if the StatefulSet is set to ordered ready. issue: https://github.com/kubernetes/kubernetes/issues/67250 + doc: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback' + type: boolean + hdfs-site.xml: + description: HdfsSite Contents of `hdfs-site.xml`. + type: string + ignored: + default: false + description: 'Ignored is now deprecated API. In order to avoid reconciliation + of objects use the `druid.apache.org/ignored: "true"` annotation.' + type: boolean + image: + description: Image Required here or at the NodeSpec level. + type: string + imagePullPolicy: + default: IfNotPresent + description: ImagePullPolicy + type: string + imagePullSecrets: + description: ImagePullSecrets + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + jvm.options: + description: JvmOptions Contents of the shared `jvm.options` configuration + file for druid JVM processes. + type: string + livenessProbe: + description: LivenessProbe Port is set to `druid.port` if not specified + with httpGet handler. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command is + simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to be + considered failed after having succeeded. Defaults to 3. Minimum + value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. This + is a beta field and requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: Port number of the gRPC service. Number must + be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to place + in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior is defined + by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the pod + IP. You probably want to set "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP allows + repeated headers. + items: + description: HTTPHeader describes a custom header to be + used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an + IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. Defaults + to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default + to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be + considered successful after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an + IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate + gracefully upon probe failure. The grace period is the duration + in seconds after the processes running in the pod are sent a + termination signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates stop immediately + via the kill signal (no opportunity to shut down). This is a + beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + log4j.config: + description: Log4jConfig contents `log4j.config` configuration file. + type: string + metadataStore: + description: 'MetadataStore IGNORED (Future API): In order to make + Druid dependency setup extensible from within Druid operator.' + properties: + spec: + description: RawMessage is a raw encoded JSON value. It implements + Marshaler and Unmarshaler and can be used to delay JSON decoding + or precompute a JSON encoding. + format: byte + type: string + type: + type: string + required: + - spec + - type + type: object + metricDimensions.json: + description: 'DimensionsMapPath Custom Dimension Map Path for statsd + emitter. stastd documentation is described in the following documentation: + https://druid.apache.org/docs/latest/development/extensions-contrib/statsd.html' + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Kubernetes native `nodeSelector` specification. + type: object + nodes: + additionalProperties: + description: 'DruidNodeSpec Specification of `Druid` Node type and + its configurations. The key in following map can be arbitrary + string that helps you identify resources for a specific nodeSpec. + It is used in the Kubernetes resources'' names, so it must be + compliant with restrictions placed on Kubernetes resource names: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/' + properties: + additionalContainer: + description: Operator deploys the sidecar container based on + these properties. + items: + description: 'AdditionalContainer defines additional sidecar + containers to be deployed with the `Druid` pods. (will be + part of Kubernetes native in the future: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/753-sidecar-containers/README.md#summary).' + properties: + args: + description: Args Arguments to call the command. + items: + type: string + type: array + command: + description: Command command for the additional container. + items: + type: string + type: array + containerName: + description: ContainerName name of the additional container. + type: string + env: + description: Env Environment variables for the additional + container. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom Extra environment variables from + remote source (ConfigMaps, Secrets...). + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image Image of the additional container. + type: string + imagePullPolicy: + description: ImagePullPolicy If not present, will be taken + from top level spec. + type: string + resources: + description: Resources Kubernetes Native `resources` specification. + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used by + this container. \n This is an alpha field and requires + enabling the DynamicResourceAllocation feature gate. + \n This field is immutable. It can only be set for + containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the Pod + where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + runAsInit: + description: RunAsInit indicate whether this should be + an init container. + type: boolean + securityContext: + description: ContainerSecurityContext If not present, + will be taken from top level pod. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent + process. This bool directly controls if the no_new_privs + flag will be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as + Privileged 2) has CAP_SYS_ADMIN Note that this field + cannot be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount + to use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field + cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set in + both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not + run as UID 0 (root) and fail to start the container + if it does. If unset or false, no such validation + will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified in + image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be + set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod + & container level, the container options override + the pod options. Note that this field cannot be + set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file on + the node should be used. RuntimeDefault - the + container runtime default profile should be + used. Unconfined - no profile should be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options from + the PodSecurityContext will be used. If set in both + SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be honored + by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the + entrypoint of the container process. Defaults + to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + volumeMounts: + description: VolumeMounts Kubernetes Native `VolumeMount` + specification. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which the + container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable + references $(VAR_NAME) are expanded using the + container's environment. Defaults to "" (volume's + root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + required: + - command + - containerName + - image + type: object + type: array + affinity: + description: Affinity Kubernetes native `affinity` specification. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a + no-op). A null preferred scheduling term matches + no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range + 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an + update), the system may or may not try to eventually + evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the + corresponding podAffinityTerm; the node(s) with the + highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range + 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a + pod label update), the system may or may not try to + eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or + not co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any + node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the greatest + sum of weights, i.e. for each node that meets all + of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if the + node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range + 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a + pod label update), the system may or may not try to + eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or + not co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any + node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + containerSecurityContext: + description: ContainerSecurityContext + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + druid.port: + description: DruidPort Used by the `Druid` process. + format: int32 + type: integer + env: + description: Env Environment variables for druid containers. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom Extra environment variables from remote + source (ConfigMaps, Secrets...). + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + extra.jvm.options: + description: ExtraJvmOptions Appends extra jvm options to the + `JvmOptions` field. + type: string + hpAutoscaler: + description: HPAutoScaler Kubernetes Native `HorizontalPodAutoscaler` + specification. + properties: + behavior: + description: behavior configures the scaling behavior of + the target in both Up and Down directions (scaleUp and + scaleDown fields respectively). If not set, the default + HPAScalingRules for scale up and scale down are used. + properties: + scaleDown: + description: scaleDown is scaling policy for scaling + Down. If not set, the default value is to allow to + scale down to minReplicas pods, with a 300 second + stabilization window (i.e., the highest recommendation + for the last 300sec is used). + properties: + policies: + description: policies is a list of potential scaling + polices which can be used during scaling. At least + one policy must be specified, otherwise the HPAScalingRules + will be discarded as invalid + items: + description: HPAScalingPolicy is a single policy + which must hold true for a specified past interval. + properties: + periodSeconds: + description: PeriodSeconds specifies the window + of time for which the policy should hold + true. PeriodSeconds must be greater than + zero and less than or equal to 1800 (30 + min). + format: int32 + type: integer + type: + description: Type is used to specify the scaling + policy. + type: string + value: + description: Value contains the amount of + change which is permitted by the policy. + It must be greater than zero + format: int32 + type: integer + required: + - periodSeconds + - type + - value + type: object + type: array + x-kubernetes-list-type: atomic + selectPolicy: + description: selectPolicy is used to specify which + policy should be used. If not set, the default + value Max is used. + type: string + stabilizationWindowSeconds: + description: 'StabilizationWindowSeconds is the + number of seconds for which past recommendations + should be considered while scaling up or scaling + down. StabilizationWindowSeconds must be greater + than or equal to zero and less than or equal to + 3600 (one hour). If not set, use the default values: + - For scale up: 0 (i.e. no stabilization is done). + - For scale down: 300 (i.e. the stabilization + window is 300 seconds long).' + format: int32 + type: integer + type: object + scaleUp: + description: 'scaleUp is scaling policy for scaling + Up. If not set, the default value is the higher of: + * increase no more than 4 pods per 60 seconds * double + the number of pods per 60 seconds No stabilization + is used.' + properties: + policies: + description: policies is a list of potential scaling + polices which can be used during scaling. At least + one policy must be specified, otherwise the HPAScalingRules + will be discarded as invalid + items: + description: HPAScalingPolicy is a single policy + which must hold true for a specified past interval. + properties: + periodSeconds: + description: PeriodSeconds specifies the window + of time for which the policy should hold + true. PeriodSeconds must be greater than + zero and less than or equal to 1800 (30 + min). + format: int32 + type: integer + type: + description: Type is used to specify the scaling + policy. + type: string + value: + description: Value contains the amount of + change which is permitted by the policy. + It must be greater than zero + format: int32 + type: integer + required: + - periodSeconds + - type + - value + type: object + type: array + x-kubernetes-list-type: atomic + selectPolicy: + description: selectPolicy is used to specify which + policy should be used. If not set, the default + value Max is used. + type: string + stabilizationWindowSeconds: + description: 'StabilizationWindowSeconds is the + number of seconds for which past recommendations + should be considered while scaling up or scaling + down. StabilizationWindowSeconds must be greater + than or equal to zero and less than or equal to + 3600 (one hour). If not set, use the default values: + - For scale up: 0 (i.e. no stabilization is done). + - For scale down: 300 (i.e. the stabilization + window is 300 seconds long).' + format: int32 + type: integer + type: object + type: object + maxReplicas: + description: maxReplicas is the upper limit for the number + of replicas to which the autoscaler can scale up. It cannot + be less that minReplicas. + format: int32 + type: integer + metrics: + description: metrics contains the specifications for which + to use to calculate the desired replica count (the maximum + replica count across all metrics will be used). The desired + replica count is calculated multiplying the ratio between + the target value and the current value by the current + number of pods. Ergo, metrics used must decrease as the + pod count is increased, and vice-versa. See the individual + metric source types for more information about how each + type of metric must respond. If not set, the default metric + will be set to 80% average CPU utilization. + items: + description: MetricSpec specifies how to scale based on + a single metric (only `type` and one other matching + field should be set at once). + properties: + containerResource: + description: containerResource refers to a resource + metric (such as those specified in requests and + limits) known to Kubernetes describing a single + container in each pod of the current scale target + (e.g. CPU or memory). Such metrics are built in + to Kubernetes, and have special scaling options + on top of those available to normal per-pod metrics + using the "pods" source. This is an alpha feature + and can be enabled by the HPAContainerMetrics feature + flag. + properties: + container: + description: container is the name of the container + in the pods of the scaling target + type: string + name: + description: name is the name of the resource + in question. + type: string + target: + description: target specifies the target value + for the given metric + properties: + averageUtilization: + description: averageUtilization is the target + value of the average of the resource metric + across all relevant pods, represented as + a percentage of the requested value of the + resource for the pods. Currently only valid + for Resource metric source type + format: int32 + type: integer + averageValue: + anyOf: + - type: integer + - type: string + description: averageValue is the target value + of the average of the metric across all + relevant pods (as a quantity) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: + description: type represents whether the metric + type is Utilization, Value, or AverageValue + type: string + value: + anyOf: + - type: integer + - type: string + description: value is the target value of + the metric (as a quantity). + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - type + type: object + required: + - container + - name + - target + type: object + external: + description: external refers to a global metric that + is not associated with any Kubernetes object. It + allows autoscaling based on information coming from + components running outside of cluster (for example + length of queue in cloud messaging service, or QPS + from loadbalancer running outside of cluster). + properties: + metric: + description: metric identifies the target metric + by name and selector + properties: + name: + description: name is the name of the given + metric + type: string + selector: + description: selector is the string-encoded + form of a standard kubernetes label selector + for the given metric When set, it is passed + as an additional parameter to the metrics + server for more specific metrics scoping. + When unset, just the metricName will be + used to gather metrics. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + target: + description: target specifies the target value + for the given metric + properties: + averageUtilization: + description: averageUtilization is the target + value of the average of the resource metric + across all relevant pods, represented as + a percentage of the requested value of the + resource for the pods. Currently only valid + for Resource metric source type + format: int32 + type: integer + averageValue: + anyOf: + - type: integer + - type: string + description: averageValue is the target value + of the average of the metric across all + relevant pods (as a quantity) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: + description: type represents whether the metric + type is Utilization, Value, or AverageValue + type: string + value: + anyOf: + - type: integer + - type: string + description: value is the target value of + the metric (as a quantity). + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - type + type: object + required: + - metric + - target + type: object + object: + description: object refers to a metric describing + a single kubernetes object (for example, hits-per-second + on an Ingress object). + properties: + describedObject: + description: describedObject specifies the descriptions + of a object,such as kind,name apiVersion + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: 'Kind of the referent; More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent; More info: + http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + required: + - kind + - name + type: object + metric: + description: metric identifies the target metric + by name and selector + properties: + name: + description: name is the name of the given + metric + type: string + selector: + description: selector is the string-encoded + form of a standard kubernetes label selector + for the given metric When set, it is passed + as an additional parameter to the metrics + server for more specific metrics scoping. + When unset, just the metricName will be + used to gather metrics. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + target: + description: target specifies the target value + for the given metric + properties: + averageUtilization: + description: averageUtilization is the target + value of the average of the resource metric + across all relevant pods, represented as + a percentage of the requested value of the + resource for the pods. Currently only valid + for Resource metric source type + format: int32 + type: integer + averageValue: + anyOf: + - type: integer + - type: string + description: averageValue is the target value + of the average of the metric across all + relevant pods (as a quantity) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: + description: type represents whether the metric + type is Utilization, Value, or AverageValue + type: string + value: + anyOf: + - type: integer + - type: string + description: value is the target value of + the metric (as a quantity). + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - type + type: object + required: + - describedObject + - metric + - target + type: object + pods: + description: pods refers to a metric describing each + pod in the current scale target (for example, transactions-processed-per-second). The + values will be averaged together before being compared + to the target value. + properties: + metric: + description: metric identifies the target metric + by name and selector + properties: + name: + description: name is the name of the given + metric + type: string + selector: + description: selector is the string-encoded + form of a standard kubernetes label selector + for the given metric When set, it is passed + as an additional parameter to the metrics + server for more specific metrics scoping. + When unset, just the metricName will be + used to gather metrics. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + target: + description: target specifies the target value + for the given metric + properties: + averageUtilization: + description: averageUtilization is the target + value of the average of the resource metric + across all relevant pods, represented as + a percentage of the requested value of the + resource for the pods. Currently only valid + for Resource metric source type + format: int32 + type: integer + averageValue: + anyOf: + - type: integer + - type: string + description: averageValue is the target value + of the average of the metric across all + relevant pods (as a quantity) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: + description: type represents whether the metric + type is Utilization, Value, or AverageValue + type: string + value: + anyOf: + - type: integer + - type: string + description: value is the target value of + the metric (as a quantity). + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - type + type: object + required: + - metric + - target + type: object + resource: + description: resource refers to a resource metric + (such as those specified in requests and limits) + known to Kubernetes describing each pod in the current + scale target (e.g. CPU or memory). Such metrics + are built in to Kubernetes, and have special scaling + options on top of those available to normal per-pod + metrics using the "pods" source. + properties: + name: + description: name is the name of the resource + in question. + type: string + target: + description: target specifies the target value + for the given metric + properties: + averageUtilization: + description: averageUtilization is the target + value of the average of the resource metric + across all relevant pods, represented as + a percentage of the requested value of the + resource for the pods. Currently only valid + for Resource metric source type + format: int32 + type: integer + averageValue: + anyOf: + - type: integer + - type: string + description: averageValue is the target value + of the average of the metric across all + relevant pods (as a quantity) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: + description: type represents whether the metric + type is Utilization, Value, or AverageValue + type: string + value: + anyOf: + - type: integer + - type: string + description: value is the target value of + the metric (as a quantity). + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - type + type: object + required: + - name + - target + type: object + type: + description: 'type is the type of metric source. It + should be one of "ContainerResource", "External", + "Object", "Pods" or "Resource", each mapping to + a matching field in the object. Note: "ContainerResource" + type is available on when the feature-gate HPAContainerMetrics + is enabled' + type: string + required: + - type + type: object + type: array + x-kubernetes-list-type: atomic + minReplicas: + description: minReplicas is the lower limit for the number + of replicas to which the autoscaler can scale down. It + defaults to 1 pod. minReplicas is allowed to be 0 if + the alpha feature gate HPAScaleToZero is enabled and at + least one Object or External metric is configured. Scaling + is active as long as at least one metric value is available. + format: int32 + type: integer + scaleTargetRef: + description: scaleTargetRef points to the target resource + to scale, and is used to the pods for which metrics should + be collected, as well as to actually change the replica + count. + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + required: + - kind + - name + type: object + required: + - maxReplicas + - scaleTargetRef + type: object + image: + description: Image Overrides image from top level, Required + if no image specified at top level. + type: string + imagePullPolicy: + description: ImagePullPolicy Overrides `imagePullPolicy` from + top level. + type: string + imagePullSecrets: + description: ImagePullSecrets Overrides `imagePullSecrets` from + top level. + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingress: + description: Ingress Kubernetes Native `Ingress` specification. + properties: + defaultBackend: + description: DefaultBackend is the backend that should handle + requests that don't match any rule. If Rules are not specified, + DefaultBackend must be specified. If DefaultBackend is + not set, the handling of requests that do not match any + of the rules will be up to the Ingress controller. + properties: + resource: + description: Resource is an ObjectRef to another Kubernetes + resource in the namespace of the Ingress object. If + resource is specified, a service.Name and service.Port + must not be specified. This is a mutually exclusive + setting with "Service". + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: Service references a Service as a Backend. + This is a mutually exclusive setting with "Resource". + properties: + name: + description: Name is the referenced service. The + service must exist in the same namespace as the + Ingress object. + type: string + port: + description: Port of the referenced service. A port + name or port number is required for a IngressServiceBackend. + properties: + name: + description: Name is the name of the port on + the Service. This is a mutually exclusive + setting with "Number". + type: string + number: + description: Number is the numerical port number + (e.g. 80) on the Service. This is a mutually + exclusive setting with "Name". + format: int32 + type: integer + type: object + required: + - name + type: object + type: object + ingressClassName: + description: IngressClassName is the name of an IngressClass + cluster resource. Ingress controller implementations use + this field to know whether they should be serving this + Ingress resource, by a transitive connection (controller + -> IngressClass -> Ingress resource). Although the `kubernetes.io/ingress.class` + annotation (simple constant name) was never formally defined, + it was widely supported by Ingress controllers to create + a direct binding between Ingress controller and Ingress + resources. Newly created Ingress resources should prefer + using the field. However, even though the annotation is + officially deprecated, for backwards compatibility reasons, + ingress controllers should still honor that annotation + if present. + type: string + rules: + description: A list of host rules used to configure the + Ingress. If unspecified, or no rule matches, all traffic + is sent to the default backend. + items: + description: IngressRule represents the rules mapping + the paths under a specified host to the related backend + services. Incoming requests are first evaluated for + a host match, then routed to the backend associated + with the matching IngressRuleValue. + properties: + host: + description: "Host is the fully qualified domain name + of a network host, as defined by RFC 3986. Note + the following deviations from the \"host\" part + of the URI as defined in RFC 3986: 1. IPs are not + allowed. Currently an IngressRuleValue can only + apply to the IP in the Spec of the parent Ingress. + 2. The `:` delimiter is not respected because ports + are not allowed. Currently the port of an Ingress + is implicitly :80 for http and :443 for https. Both + these may change in the future. Incoming requests + are matched against the host before the IngressRuleValue. + If the host is unspecified, the Ingress routes all + traffic based on the specified IngressRuleValue. + \n Host can be \"precise\" which is a domain name + without the terminating dot of a network host (e.g. + \"foo.bar.com\") or \"wildcard\", which is a domain + name prefixed with a single wildcard label (e.g. + \"*.foo.com\"). The wildcard character '*' must + appear by itself as the first DNS label and matches + only a single label. You cannot have a wildcard + label by itself (e.g. Host == \"*\"). Requests will + be matched against the Host field in the following + way: 1. If Host is precise, the request matches + this rule if the http host header is equal to Host. + 2. If Host is a wildcard, then the request matches + this rule if the http host header is to equal to + the suffix (removing the first label) of the wildcard + rule." + type: string + http: + description: 'HTTPIngressRuleValue is a list of http + selectors pointing to backends. In the example: + http:///? -> backend where + where parts of the url correspond to RFC 3986, this + resource will be used to match against everything + after the last ''/'' and before the first ''?'' + or ''#''.' + properties: + paths: + description: A collection of paths that map requests + to backends. + items: + description: HTTPIngressPath associates a path + with a backend. Incoming urls matching the + path are forwarded to the backend. + properties: + backend: + description: Backend defines the referenced + service endpoint to which the traffic + will be forwarded to. + properties: + resource: + description: Resource is an ObjectRef + to another Kubernetes resource in + the namespace of the Ingress object. + If resource is specified, a service.Name + and service.Port must not be specified. + This is a mutually exclusive setting + with "Service". + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any other + third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: Service references a Service + as a Backend. This is a mutually exclusive + setting with "Resource". + properties: + name: + description: Name is the referenced + service. The service must exist + in the same namespace as the Ingress + object. + type: string + port: + description: Port of the referenced + service. A port name or port number + is required for a IngressServiceBackend. + properties: + name: + description: Name is the name + of the port on the Service. + This is a mutually exclusive + setting with "Number". + type: string + number: + description: Number is the numerical + port number (e.g. 80) on the + Service. This is a mutually + exclusive setting with "Name". + format: int32 + type: integer + type: object + required: + - name + type: object + type: object + path: + description: Path is matched against the + path of an incoming request. Currently + it can contain characters disallowed from + the conventional "path" part of a URL + as defined by RFC 3986. Paths must begin + with a '/' and must be present when using + PathType with value "Exact" or "Prefix". + type: string + pathType: + description: 'PathType determines the interpretation + of the Path matching. PathType can be + one of the following values: * Exact: + Matches the URL path exactly. * Prefix: + Matches based on a URL path prefix split + by ''/''. Matching is done on a path element + by element basis. A path element refers + is the list of labels in the path split + by the ''/'' separator. A request is a + match for path p if every p is an element-wise + prefix of p of the request path. Note + that if the last element of the path is + a substring of the last element in request + path, it is not a match (e.g. /foo/bar + matches /foo/bar/baz, but does not match + /foo/barbaz). * ImplementationSpecific: + Interpretation of the Path matching is + up to the IngressClass. Implementations + can treat this as a separate PathType + or treat it identically to Prefix or Exact + path types. Implementations are required + to support all path types.' + type: string + required: + - backend + - pathType + type: object + type: array + x-kubernetes-list-type: atomic + required: + - paths + type: object + type: object + type: array + x-kubernetes-list-type: atomic + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer + security associated with an Ingress. + properties: + hosts: + description: Hosts are a list of hosts included in + the TLS certificate. The values in this list must + match the name/s used in the tlsSecret. Defaults + to the wildcard host setting for the loadbalancer + controller fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: SecretName is the name of the secret + used to terminate TLS traffic on port 443. Field + is left optional to allow TLS routing based on SNI + hostname alone. If the SNI host in a listener conflicts + with the "Host" header field used by an IngressRule, + the SNI host is used for termination and value of + the Host header is used for routing. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + type: object + ingressAnnotations: + additionalProperties: + type: string + description: IngressAnnotations `Ingress` annotations to be + populated in ingress spec. + type: object + jvm.options: + description: JvmOptions overrides `JvmOptions` at top level. + type: string + kind: + default: StatefulSet + description: 'Kind Can be StatefulSet or Deployment. Note: volumeClaimTemplates + are ignored when kind=Deployment' + type: string + lifecycle: + description: Lifecycle + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: LivenessProbe Port is set to `druid.port` if not + specified with httpGet handler. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + log4j.config: + description: Log4jConfig Overrides `Log4jConfig` at top level. + type: string + maxSurge: + description: MaxSurge For Deployment object only. Set to 25% + by default. + format: int32 + type: integer + maxUnavailable: + description: MaxUnavailable For deployment object only. Set + to 25% by default + format: int32 + type: integer + nodeConfigMountPath: + description: NodeConfigMountPath in-container directory to mount + with runtime.properties, jvm.config, log4j2.xml files. + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Kubernetes native `nodeSelector` specification. + type: object + nodeType: + description: NodeDruid `Druid` node type. + enum: + - historical + - overlord + - middleManager + - indexer + - broker + - coordinator + - router + type: string + persistentVolumeClaim: + description: VolumeClaimTemplates Kubernetes Native `VolumeClaimTemplate` + specification. + items: + description: PersistentVolumeClaim is a user's request for + and claim to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal value, + and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the + REST resource this object represents. Servers may infer + this from the endpoint the client submits requests to. + Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'spec defines the desired characteristics + of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified data + source. When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be copied to + dataSourceRef, and dataSourceRef contents will be + copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a + non-empty API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both fields + are non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource and dataSourceRef) + will be set to the same value automatically if one + of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. + There are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is + specified. * While dataSource only allows local + objects, dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the namespace + field of dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept the + reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It + can only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of + one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes + that resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is + implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + status: + description: 'status represents the current information/status + of a persistent volume claim. Read-only. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual access + modes the volume backing the PVC has. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: allocatedResources is the storage resource + within AllocatedResources tracks the capacity allocated + to a PVC. It may be larger than the actual capacity + when a volume expansion operation is requested. + For storage quota, the larger value from allocatedResources + and PVC.spec.resources is used. If allocatedResources + is not set, PVC.spec.resources alone is used for + quota calculation. If a volume expansion capacity + request is lowered, allocatedResources is only lowered + if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. This is an alpha field + and requires enabling RecoverVolumeExpansionFailure + feature. + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: conditions is the current Condition of + persistent volume claim. If underlying persistent + volume is being resized then the Condition will + be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: reason is a unique, this should + be a short, machine understandable string + that gives the reason for condition's last + transition. If it reports "ResizeStarted" + that means the underlying persistent volume + is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase of + PersistentVolumeClaim. + type: string + resizeStatus: + description: resizeStatus stores status of resize + operation. ResizeStatus is not set by default but + when expansion is complete resizeStatus is set to + empty string by resize controller or kubelet. This + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature. + type: string + type: object + type: object + type: array + podAnnotations: + additionalProperties: + type: string + description: PodAnnotations Custom annotation to be populated + in the workload's pods. + type: object + podDisruptionBudgetSpec: + description: PodDisruptionBudgetSpec Kubernetes native `podDisruptionBudget` + specification. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: An eviction is allowed if at most "maxUnavailable" + pods selected by "selector" are unavailable after the + eviction, i.e. even in absence of the evicted pod. For + example, one can prevent all voluntary evictions by specifying + 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: An eviction is allowed if at least "minAvailable" + pods selected by "selector" will still be available after + the eviction, i.e. even in the absence of the evicted + pod. So for example you can prevent all voluntary evictions + by specifying "100%". + x-kubernetes-int-or-string: true + selector: + description: Label query over pods whose evictions are managed + by the disruption budget. A null selector will match no + pods, while an empty ({}) selector will select all pods + within the namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyPodEvictionPolicy: + description: "UnhealthyPodEvictionPolicy defines the criteria + for when unhealthy pods should be considered for eviction. + Current implementation considers healthy pods, as pods + that have status.conditions item with type=\"Ready\",status=\"True\". + \n Valid policies are IfHealthyBudget and AlwaysAllow. + If no policy is specified, the default behavior will be + used, which corresponds to the IfHealthyBudget policy. + \n IfHealthyBudget policy means that running pods (status.phase=\"Running\"), + but not yet healthy can be evicted only if the guarded + application is not disrupted (status.currentHealthy is + at least equal to status.desiredHealthy). Healthy pods + will be subject to the PDB for eviction. \n AlwaysAllow + policy means that all running pods (status.phase=\"Running\"), + but not yet healthy are considered disrupted and can be + evicted regardless of whether the criteria in a PDB is + met. This means perspective running pods of a disrupted + application might not get a chance to become healthy. + Healthy pods will be subject to the PDB for eviction. + \n Additional policies may be added in the future. Clients + making eviction decisions should disallow eviction of + unhealthy pods if they encounter an unrecognized policy + in this field. \n This field is alpha-level. The eviction + API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy + is enabled (disabled by default)." + type: string + type: object + podLabels: + additionalProperties: + type: string + description: PodLabels Custom labels to be populated in the + workload's pods. + type: object + podManagementPolicy: + default: Parallel + description: PodManagementPolicy + type: string + ports: + description: Ports Extra ports to be added to pod spec. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + priorityClassName: + description: PriorityClassName Kubernetes native `priorityClassName` + specification. + type: string + readinessProbe: + description: ReadinessProbe Port is set to `druid.port` if not + specified with httpGet handler. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + replicas: + description: Replicas replica of the workload + format: int32 + minimum: 0 + type: integer + resources: + description: Resources Kubernetes Native `resources` specification. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + runtime.properties: + description: RuntimeProperties Additional runtime configuration + for the specific workload. + type: string + securityContext: + description: PodSecurityContext Overrides `securityContext` + at top level. + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow the + Kubelet to change the ownership of that volume to be owned + by the pod: \n 1. The owning GID will be the FSGroup 2. + The setgid bit is set (new files created in the volume + will be owned by FSGroup) 3. The permission bits are OR'd + with rw-rw---- \n If unset, the Kubelet will not modify + the ownership and permissions of any volume. Note that + this field cannot be set when spec.os.name is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of changing + ownership and permission of the volume before being exposed + inside Pod. This field will only apply to volume types + which support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types such + as: secret, configmaps and emptydir. Valid values are + "OnRootMismatch" and "Always". If not specified, "Always" + is used. Note that this field cannot be set when spec.os.name + is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field + cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence for + that container. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field + cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set when spec.os.name + is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process + run in each container, in addition to the container's + primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container + process. If unspecified, no additional groups are added + to any container. Note that group memberships defined + in the container image for the uid of the container process + are still effective, even if they are not included in + this list. Note that this field cannot be set when spec.os.name + is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used + for the pod. Pods with unsupported sysctls (by the container + runtime) might fail to launch. Note that this field cannot + be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options within a container's + SecurityContext will be used. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + services: + description: Services Overrides services at top level. + items: + description: Service is a named abstraction of software service + (for example, mysql) consisting of local port (for example + 3306) that the proxy listens on, and the selector that determines + which pods will answer requests sent through the proxy. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal value, + and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the + REST resource this object represents. Servers may infer + this from the endpoint the client submits requests to. + Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + allocateLoadBalancerNodePorts: + description: allocateLoadBalancerNodePorts defines + if NodePorts will be automatically allocated for + services with type LoadBalancer. Default is "true". + It may be set to "false" if the cluster load-balancer + does not rely on NodePorts. If the caller requests + specific NodePorts (by specifying a value), those + requests will be respected, regardless of this field. + This field may only be set for services with type + LoadBalancer and will be cleared if the type is + changed to any other type. + type: boolean + clusterIP: + description: 'clusterIP is the IP address of the service + and is usually assigned randomly. If an address + is specified manually, is in-range (as per system + configuration), and is not in use, it will be allocated + to the service; otherwise creation of the service + will fail. This field may not be changed through + updates unless the type field is also being changed + to ExternalName (which requires this field to be + blank) or the type field is being changed from ExternalName + (in which case this field may optionally be specified, + as describe above). Valid values are "None", empty + string (""), or a valid IP address. Setting this + to "None" makes a "headless service" (no virtual + IP), which is useful when direct endpoint connections + are preferred and proxying is not required. Only + applies to types ClusterIP, NodePort, and LoadBalancer. + If this field is specified when creating a Service + of type ExternalName, creation will fail. This field + will be wiped when updating a Service to type ExternalName. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + clusterIPs: + description: "ClusterIPs is a list of IP addresses + assigned to this service, and are usually assigned + randomly. If an address is specified manually, + is in-range (as per system configuration), and is + not in use, it will be allocated to the service; + otherwise creation of the service will fail. This + field may not be changed through updates unless + the type field is also being changed to ExternalName + (which requires this field to be empty) or the type + field is being changed from ExternalName (in which + case this field may optionally be specified, as + describe above). Valid values are \"None\", empty + string (\"\"), or a valid IP address. Setting this + to \"None\" makes a \"headless service\" (no virtual + IP), which is useful when direct endpoint connections + are preferred and proxying is not required. Only + applies to types ClusterIP, NodePort, and LoadBalancer. + If this field is specified when creating a Service + of type ExternalName, creation will fail. This field + will be wiped when updating a Service to type ExternalName. + \ If this field is not specified, it will be initialized + from the clusterIP field. If this field is specified, + clients must ensure that clusterIPs[0] and clusterIP + have the same value. \n This field may hold a maximum + of two entries (dual-stack IPs, in either order). + These IPs must correspond to the values of the ipFamilies + field. Both clusterIPs and ipFamilies are governed + by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + items: + type: string + type: array + x-kubernetes-list-type: atomic + externalIPs: + description: externalIPs is a list of IP addresses + for which nodes in the cluster will also accept + traffic for this service. These IPs are not managed + by Kubernetes. The user is responsible for ensuring + that traffic arrives at a node with this IP. A + common example is external load-balancers that are + not part of the Kubernetes system. + items: + type: string + type: array + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) and + requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, + and so each node will deliver traffic only to the + node-local endpoints of the service, without masquerading + the client source IP. (Traffic mistakenly sent to + a node with no endpoints will be dropped.) The default + value, "Cluster", uses the standard behavior of + routing to all endpoints evenly (possibly modified + by topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within the + cluster may need to take traffic policy into account + when picking a node. + type: string + healthCheckNodePort: + description: healthCheckNodePort specifies the healthcheck + nodePort for the service. This only applies when + type is set to LoadBalancer and externalTrafficPolicy + is set to Local. If a value is specified, is in-range, + and is not in use, it will be used. If not specified, + a value will be automatically allocated. External + systems (e.g. load-balancers) can use this port + to determine if a given node holds endpoints for + this service or not. If this field is specified + when creating a Service which does not need it, + creation will fail. This field will be wiped when + updating a Service to no longer need it (e.g. changing + type). This field cannot be updated once set. + format: int32 + type: integer + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on + the same node as the pod, dropping the traffic if + there are no local endpoints. The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by topology + and other features). + type: string + ipFamilies: + description: "IPFamilies is a list of IP families + (e.g. IPv4, IPv6) assigned to this service. This + field is usually assigned automatically based on + cluster configuration and the ipFamilyPolicy field. + If this field is specified manually, the requested + family is available in the cluster, and ipFamilyPolicy + allows it, it will be used; otherwise creation of + the service will fail. This field is conditionally + mutable: it allows for adding or removing a secondary + IP family, but it does not allow changing the primary + IP family of the Service. Valid values are \"IPv4\" + and \"IPv6\". This field only applies to Services + of types ClusterIP, NodePort, and LoadBalancer, + and does apply to \"headless\" services. This field + will be wiped when updating a Service to type ExternalName. + \n This field may hold a maximum of two entries + (dual-stack families, in either order). These families + must correspond to the values of the clusterIPs + field, if specified. Both clusterIPs and ipFamilies + are governed by the ipFamilyPolicy field." + items: + description: IPFamily represents the IP Family (IPv4 + or IPv6). This type is used to express the family + of an IP expressed by a type (e.g. service.spec.ipFamilies). + type: string + type: array + x-kubernetes-list-type: atomic + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be set + to SingleStack. Services can be "SingleStack" (a + single IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single IP + family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, + otherwise fail). The ipFamilies and clusterIPs fields + depend on the value of this field. This field will + be wiped when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must be + a label-style identifier, with an optional prefix, + e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation + is used, today this is typically done through the + cloud provider integration, but should apply for + any default implementation. If set, it is assumed + that a load balancer implementation is watching + for Services with a matching class. Any default + load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This + field can only be set when creating or updating + a Service to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped when a + service is updated to a non 'LoadBalancer' type. + type: string + loadBalancerIP: + description: 'Only applies to Service Type: LoadBalancer. + This feature depends on whether the underlying cloud-provider + supports specifying the loadBalancerIP when a load + balancer is created. This field will be ignored + if the cloud-provider does not support the feature. + Deprecated: This field was under-specified and its + meaning varies across implementations, and it cannot + support dual-stack. As of Kubernetes v1.24, users + are encouraged to use implementation-specific annotations + when available. This field may be removed in a future + API version.' + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + ports: + description: 'The list of ports that are exposed by + this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + items: + description: ServicePort contains information on + service's port. + properties: + appProtocol: + description: The application protocol for this + port. This field follows standard Kubernetes + label syntax. Un-prefixed names are reserved + for IANA standard service names (as per RFC-6335 + and https://www.iana.org/assignments/service-names). + Non-standard protocols should use prefixed + names such as mycompany.com/my-custom-protocol. + type: string + name: + description: The name of this port within the + service. This must be a DNS_LABEL. All ports + within a ServiceSpec must have unique names. + When considering the endpoints for a Service, + this must match the 'name' field in the EndpointPort. + Optional if only one ServicePort is defined + on this service. + type: string + nodePort: + description: 'The port on each node on which + this service is exposed when type is NodePort + or LoadBalancer. Usually assigned by the + system. If a value is specified, in-range, + and not in use it will be used, otherwise + the operation will fail. If not specified, + a port will be allocated if this Service requires + one. If this field is specified when creating + a Service which does not need it, creation + will fail. This field will be wiped when updating + a Service to no longer need it (e.g. changing + type from NodePort to ClusterIP). More info: + https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport' + format: int32 + type: integer + port: + description: The port that will be exposed by + this service. + format: int32 + type: integer + protocol: + default: TCP + description: The IP protocol for this port. + Supports "TCP", "UDP", and "SCTP". Default + is TCP. + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: 'Number or name of the port to + access on the pods targeted by the service. + Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. If this is a string, + it will be looked up as a named port in the + target Pod''s container ports. If this is + not specified, the value of the ''port'' field + is used (an identity map). This field is ignored + for services with clusterIP=None, and should + be omitted or set equal to the ''port'' field. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service' + x-kubernetes-int-or-string: true + required: + - port + type: object + type: array + x-kubernetes-list-map-keys: + - port + - protocol + x-kubernetes-list-type: map + publishNotReadyAddresses: + description: publishNotReadyAddresses indicates that + any agent which deals with endpoints for this Service + should disregard any indications of ready/not-ready. + The primary use case for setting this field is for + a StatefulSet's Headless Service to propagate SRV + DNS records for its Pods for the purpose of peer + discovery. The Kubernetes controllers that generate + Endpoints and EndpointSlice resources for Services + interpret this to mean that all endpoints are considered + "ready" even if the Pods themselves are not. Agents + which consume only Kubernetes generated endpoints + through the Endpoints or EndpointSlice resources + can safely assume this behavior. + type: boolean + selector: + additionalProperties: + type: string + description: 'Route service traffic to pods with label + keys and values matching this selector. If empty + or not present, the service is assumed to have an + external process managing its endpoints, which Kubernetes + will not modify. Only applies to types ClusterIP, + NodePort, and LoadBalancer. Ignored if type is ExternalName. + More info: https://kubernetes.io/docs/concepts/services-networking/service/' + type: object + x-kubernetes-map-type: atomic + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. + If clusterIP is "None", no virtual IP is allocated + and the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes + to the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + status: + description: 'Most recently observed status of the service. + Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + conditions: + description: Current service state + items: + description: "Condition contains details for one + aspect of the current state of this API Resource. + --- This struct is intended for direct use as + an array at the field path .status.conditions. + \ For example, \n type FooStatus struct{ // Represents + the observations of a foo's current state. // + Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type + // +patchStrategy=merge // +listType=map // +listMapKey=type + Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // + other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last + time the condition transitioned from one status + to another. This should be when the underlying + condition changed. If that is not known, + then using the time when the API field changed + is acceptable. + format: date-time + type: string + message: + description: message is a human readable message + indicating details about the transition. This + may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the + .metadata.generation that the condition was + set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect + to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic + identifier indicating the reason for the condition's + last transition. Producers of specific condition + types may define expected values and meanings + for this field, and whether the values are + considered a guaranteed API. The value should + be a CamelCase string. This field may not + be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of + True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase + or in foo.example.com/CamelCase. --- Many + .condition.type values are consistent across + resources like Available, but because arbitrary + conditions can be useful (see .node.status.conditions), + the ability to deconflict is important. The + regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + loadBalancer: + description: LoadBalancer contains the current status + of the load-balancer, if one is present. + properties: + ingress: + description: Ingress is a list containing ingress + points for the load-balancer. Traffic intended + for the service should be sent to these ingress + points. + items: + description: 'LoadBalancerIngress represents + the status of a load-balancer ingress point: + traffic intended for the service should be + sent to an ingress point.' + properties: + hostname: + description: Hostname is set for load-balancer + ingress points that are DNS based (typically + AWS load-balancers) + type: string + ip: + description: IP is set for load-balancer + ingress points that are IP based (typically + GCE or OpenStack load-balancers) + type: string + ports: + description: Ports is a list of records + of service ports If used, every port defined + in the service should have an entry in + it + items: + properties: + error: + description: 'Error is to record the + problem with the service port The + format of the error shall comply + with the following rules: - built-in + error values shall be specified + in this file and those shall use + CamelCase names - cloud provider + specific error values must have + names that comply with the format + foo.example.com/CamelCase. --- The + regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)' + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + port: + description: Port is the port number + of the service port of which status + is recorded here + format: int32 + type: integer + protocol: + default: TCP + description: 'Protocol is the protocol + of the service port of which status + is recorded here The supported values + are: "TCP", "UDP", "SCTP"' + type: string + required: + - port + - protocol + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: array + type: object + type: object + type: object + type: array + startUpProbe: + description: StartUpProbe + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds + format: int64 + type: integer + tolerations: + description: Tolerations Kubernetes native `tolerations` specification. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints Kubernetes Native `topologySpreadConstraints` + specification. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine + the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select the pods over which spreading will be calculated. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading + will be calculated for the incoming pod. Keys that don't + exist in the incoming pod labels will be ignored. A + null or empty list means only match against labelSelector. + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods + may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global + minimum. The global minimum is the minimum number of + matching pods in an eligible domain or zero if the number + of eligible domains is less than MinDomains. For example, + in a 3-zone cluster, MaxSkew is set to 1, and pods with + the same labelSelector spread as 2/2/1: In this case, + the global minimum is 1. | zone1 | zone2 | zone3 | | P + P | P P | P | - if MaxSkew is 1, incoming pod + can only be scheduled to zone3 to become 2/2/2; scheduling + it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is + 2, incoming pod can be scheduled onto any zone. When + `whenUnsatisfiable=ScheduleAnyway`, it is used to give + higher precedence to topologies that satisfy it. It''s + a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of + eligible domains. When the number of eligible domains + with matching topology keys is less than minDomains, + Pod Topology Spread treats \"global minimum\" as 0, + and then the calculation of Skew is performed. And when + the number of eligible domains with matching topology + keys equals or greater than minDomains, this value has + no effect on scheduling. As a result, when the number + of eligible domains is less than minDomains, scheduler + won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains + is equal to 1. Valid values are integers greater than + 0. When value is not nil, WhenUnsatisfiable must be + DoNotSchedule. \n For example, in a 3-zone cluster, + MaxSkew is set to 2, MinDomains is set to 5 and pods + with the same labelSelector spread as 2/2/2: | zone1 + | zone2 | zone3 | | P P | P P | P P | The number + of domains is less than 5(MinDomains), so \"global minimum\" + is treated as 0. In this situation, new pod with the + same labelSelector cannot be scheduled, because computed + skew will be 3(3 - 0) if new Pod is scheduled to any + of the three zones, it will violate MaxSkew. \n This + is a beta field and requires the MinDomainsInPodTopologySpread + feature gate to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will + treat Pod's nodeAffinity/nodeSelector when calculating + pod topology spread skew. Options are: - Honor: only + nodes matching nodeAffinity/nodeSelector are included + in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. + \n If this value is nil, the behavior is equivalent + to the Honor policy. This is a beta-level feature default + enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat + node taints when calculating pod topology spread skew. + Options are: - Honor: nodes without taints, along with + tainted nodes for which the incoming pod has a toleration, + are included. - Ignore: node taints are ignored. All + nodes are included. \n If this value is nil, the behavior + is equivalent to the Ignore policy. This is a beta-level + feature default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes + that have a label with this key and identical values + are considered to be in the same topology. We consider + each as a "bucket", and try to put balanced + number of pods into each bucket. We define a domain + as a particular instance of a topology. Also, we define + an eligible domain as a domain whose nodes meet the + requirements of nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each + Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain + of that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not to + schedule it. - ScheduleAnyway tells the scheduler to + schedule the pod in any location, but giving higher + precedence to topologies that would help reduce the + skew. A constraint is considered "Unsatisfiable" for + an incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to + 1, and pods with the same labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming + pod can only be scheduled to zone2(zone3) to become + 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be + imbalanced, but scheduler won''t make it *more* imbalanced. + It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + updateStrategy: + description: UpdateStrategy + properties: + rollingUpdate: + description: RollingUpdate is used to communicate parameters + when Type is RollingUpdateStatefulSetStrategyType. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of pods that can be + unavailable during the update. Value can be an absolute + number (ex: 5) or a percentage of desired pods (ex: + 10%). Absolute number is calculated from percentage + by rounding up. This can not be 0. Defaults to 1. + This field is alpha-level and is only honored by servers + that enable the MaxUnavailableStatefulSet feature. + The field applies to all pods in the range 0 to Replicas-1. + That means if there is any unavailable pod in the + range 0 to Replicas-1, it will be counted towards + MaxUnavailable.' + x-kubernetes-int-or-string: true + partition: + description: Partition indicates the ordinal at which + the StatefulSet should be partitioned for updates. + During a rolling update, all pods from ordinal Replicas-1 + to Partition are updated. All pods from ordinal Partition-1 + to 0 remain untouched. This is helpful in being able + to do a canary based deployment. The default value + is 0. + format: int32 + type: integer + type: object + type: + description: Type indicates the type of the StatefulSetUpdateStrategy. + Default is RollingUpdate. + type: string + type: object + volumeClaimTemplates: + description: VolumeClaimTemplates Kubernetes Native `volumeClaimTemplates` + specification. + items: + description: PersistentVolumeClaim is a user's request for + and claim to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal value, + and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the + REST resource this object represents. Servers may infer + this from the endpoint the client submits requests to. + Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'spec defines the desired characteristics + of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified data + source. When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be copied to + dataSourceRef, and dataSourceRef contents will be + copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a + non-empty API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both fields + are non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource and dataSourceRef) + will be set to the same value automatically if one + of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. + There are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is + specified. * While dataSource only allows local + objects, dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the namespace + field of dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept the + reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It + can only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of + one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes + that resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is + implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + status: + description: 'status represents the current information/status + of a persistent volume claim. Read-only. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual access + modes the volume backing the PVC has. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: allocatedResources is the storage resource + within AllocatedResources tracks the capacity allocated + to a PVC. It may be larger than the actual capacity + when a volume expansion operation is requested. + For storage quota, the larger value from allocatedResources + and PVC.spec.resources is used. If allocatedResources + is not set, PVC.spec.resources alone is used for + quota calculation. If a volume expansion capacity + request is lowered, allocatedResources is only lowered + if there are no expansion operations in progress + and if the actual volume capacity is equal or lower + than the requested capacity. This is an alpha field + and requires enabling RecoverVolumeExpansionFailure + feature. + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: conditions is the current Condition of + persistent volume claim. If underlying persistent + volume is being resized then the Condition will + be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: reason is a unique, this should + be a short, machine understandable string + that gives the reason for condition's last + transition. If it reports "ResizeStarted" + that means the underlying persistent volume + is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase of + PersistentVolumeClaim. + type: string + resizeStatus: + description: resizeStatus stores status of resize + operation. ResizeStatus is not set by default but + when expansion is complete resizeStatus is set to + empty string by resize controller or kubelet. This + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature. + type: string + type: object + type: object + type: array + volumeMounts: + description: VolumeMounts Kubernetes Native `volumeMounts` specification. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes Kubernetes Native `volumes` specification. + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default + is to mount by volume name. Examples: For volume + /dev/sda1, you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" (or you + can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk + in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the + blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure managed + data disk (only in managed availability set). defaults + to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in + VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in + VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a + collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default is + /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is + the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is + reference to the authentication secret for User, + default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados + user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in + VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to + OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If + a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked + optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires decimal + values for mode bits. If not specified, the + volume defaultMode will be used. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the + associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to + the secret object containing sensitive information + to pass to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the + secret object contains more than one secret, all + secret references are passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. Consult + your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set + permissions on this file, must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. If not specified, the + volume defaultMode will be used. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of the + relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default is + "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The size + limit is also applicable for memory medium. The + maximum usage on memory medium EmptyDir would be + the minimum value between the SizeLimit specified + here and the sum of memory limits of all containers + in a pod. The default is nil which means that the + limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle + is tied to the pod that defines it - it will be created + before the pod starts, and deleted when the pod is removed. + \n Use this if: a) the volume is only needed while the + pod runs, b) features of normal volumes like restoring + from snapshot or capacity tracking are needed, c) the + storage driver is specified through a storage class, + and d) the storage driver supports dynamic volume provisioning + through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this + volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that + persist for longer than the lifecycle of an individual + pod. \n Use CSI for light-weight local ephemeral volumes + if the CSI driver is meant to be used that way - see + the documentation of the driver for more information. + \n A pod can use both types of ephemeral volumes and + persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which this + EphemeralVolumeSource is embedded will be the owner + of the PVC, i.e. the PVC will be deleted together + with the pod. The name of the PVC will be `-` where `` is the + name from the `PodSpec.Volumes` array entry. Pod + validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). + \n An existing PVC with that name that is not owned + by the pod will *not* be used for the pod to avoid + using an unrelated volume by mistake. Starting the + pod is then blocked until the unrelated PVC is removed. + If such a pre-created PVC is meant to be used by + the pod, the PVC has to updated with an owner reference + to the pod once the pod exists. Normally this should + not be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field is + read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used + to specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, it + will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents + will be copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource when + dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If APIGroup + is not specified, the specified Kind + must be in the core API group. For any + other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the + object from which to populate the volume + with data, if a non-empty volume is desired. + This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume + binding will only succeed if the type of + the specified object matches some installed + volume populator or dynamic provisioner. + This field will replace the functionality + of the dataSource field and as such if both + fields are non-empty, they must have the + same value. For backwards compatibility, + when namespace isn''t specified in dataSourceRef, + both fields (dataSource and dataSourceRef) + will be set to the same value automatically + if one of them is empty and the other is + non-empty. When namespace is specified in + dataSourceRef, dataSource isn''t set to + the same value and must be empty. There + are three important differences between + dataSource and dataSourceRef: * While dataSource + only allows two specific types of objects, + dataSourceRef allows any non-core object, + as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves + all values, and generates an error if a + disallowed value is specified. * While dataSource + only allows local objects, dataSourceRef + allows objects in any namespaces. (Beta) + Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If APIGroup + is not specified, the specified Kind + must be in the core API group. For any + other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note that + when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant + documentation for details. (Alpha) This + field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are lower + than previous value but must still be higher + than capacity recorded in the status field + of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. \n + This is an alpha field and requires + enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the + name of one entry in pod.spec.resourceClaims + of the Pod where this field is + used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name + of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that + is attached to a kubelet's host machine and then exposed + to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide + identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use + for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". The + default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is + reference to the secret object containing sensitive + information to pass to the plugin scripts. This + may be empty if no secret object is specified. If + the secret object contains more than one secret, + all secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default + is to mount by volume name. Examples: For volume + /dev/sda1, you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" (or you + can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a + particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an EmptyDir + into an InitContainer that clones the repo using git, + then mount the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is + supplied, the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on + the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that + details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file + or directory on the host machine that is directly exposed + to the container. This is generally used for system + agents or other privileged things that are allowed to + see the host machine. Most containers will NOT need + this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host + directory mounts and who can/can not mount host directories + as read/write.' + properties: + path: + description: 'path of the directory on the host. If + the path is a symlink, it will follow the link to + the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to + "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and then + exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name + that uses an iSCSI transport. Defaults to 'default' + (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports + 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports + 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in + VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to + set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. Directories within the path are not + affected by this setting. This might be in conflict + with other options that affect the file mode, like + fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along + with other supported volume types + properties: + configMap: + description: configMap information about the + configMap data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of the + referenced ConfigMap will be projected + into the volume as a file whose name is + the key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, + the volume setup will error unless it + is marked optional. Paths must be relative + and may not contain the '..' path or start + with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the + downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a + field of the pod: only annotations, + labels, name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret + data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of the + referenced Secret will be projected into + the volume as a file whose name is the + key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the + volume setup will error unless it is marked + optional. Paths must be relative and may + not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience + defaults to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The + kubelet will start trying to rotate the + token if the token is older than 80 percent + of its time to live or if the token is + older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to + the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default + is no group + type: string + readOnly: + description: readOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: volume is a string that references an + already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default + is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default + is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Default + is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in + VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for + ScaleIO user and other sensitive information. If + this is not provided, Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated + with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If + a key is specified which is not present in the Secret, + the volume setup will error unless it is marked + optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires decimal + values for mode bits. If not specified, the + volume defaultMode will be used. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in + VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of + the volume within StorageOS. If no namespace is + specified then the Pod's namespace will be used. This + allows the Kubernetes name scoping to be mirrored + within StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. Set + to "default" if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist within + StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated with + the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - druid.port + - nodeConfigMountPath + - nodeType + - runtime.properties + type: object + description: Nodes a list of `Druid` Node types and their configurations. + `DruidSpec` is used to create Kubernetes workload specs. Many of + the fields above can be overridden at the specific `NodeSpec` level. + type: object + podAnnotations: + additionalProperties: + type: string + description: PodAnnotations Custom annotations to be populated in + `Druid` pods. + type: object + podLabels: + additionalProperties: + type: string + description: PodLabels Custom labels to be populated in `Druid` pods. + type: object + podManagementPolicy: + default: Parallel + description: PodManagementPolicy + type: string + priorityClassName: + description: PriorityClassName Kubernetes native `priorityClassName` + specification. + type: string + readinessProbe: + description: ReadinessProbe Port is set to `druid.port` if not specified + with httpGet handler. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command is + simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to be + considered failed after having succeeded. Defaults to 3. Minimum + value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. This + is a beta field and requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: Port number of the gRPC service. Number must + be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to place + in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior is defined + by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the pod + IP. You probably want to set "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP allows + repeated headers. + items: + description: HTTPHeader describes a custom header to be + used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an + IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. Defaults + to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default + to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be + considered successful after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an + IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate + gracefully upon probe failure. The grace period is the duration + in seconds after the processes running in the pod are sent a + termination signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates stop immediately + via the kill signal (no opportunity to shut down). This is a + beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + rollingDeploy: + default: true + description: 'RollingDeploy Whether to deploy the components in a + rolling update as described in the documentation: https://druid.apache.org/docs/latest/operations/rolling-updates.html + If set to true then operator checks the rollout status of previous + version workloads before updating the next. This will be done only + for update actions.' + type: boolean + scalePvcSts: + default: false + description: ScalePvcSts When enabled, operator will allow volume + expansion of StatefulSet's PVCs. + type: boolean + securityContext: + description: PodSecurityContext + properties: + fsGroup: + description: "A special supplemental group that applies to all + containers in a pod. Some volume types allow the Kubelet to + change the ownership of that volume to be owned by the pod: + \n 1. The owning GID will be the FSGroup 2. The setgid bit is + set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- \n If unset, + the Kubelet will not modify the ownership and permissions of + any volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of changing + ownership and permission of the volume before being exposed + inside Pod. This field will only apply to volume types which + support fsGroup based ownership(and permissions). It will have + no effect on ephemeral volume types such as: secret, configmaps + and emptydir. Valid values are "OnRootMismatch" and "Always". + If not specified, "Always" is used. Note that this field cannot + be set when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field cannot + be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies to + the container. + type: string + role: + description: Role is a SELinux role label that applies to + the container. + type: string + type: + description: Type is a SELinux type label that applies to + the container. + type: string + user: + description: User is a SELinux user label that applies to + the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers in this + pod. Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile must be + preconfigured on the node to work. Must be a descending + path, relative to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - a profile + defined in a file on the node should be used. RuntimeDefault + - the container runtime default profile should be used. + Unconfined - no profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process run + in each container, in addition to the container's primary GID, + the fsGroup (if specified), and group memberships defined in + the container image for the uid of the container process. If + unspecified, no additional groups are added to any container. + Note that group memberships defined in the container image for + the uid of the container process are still effective, even if + they are not included in this list. Note that this field cannot + be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. Note that this field cannot be set when + spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is alpha-level + and will only be honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature flag + will result in errors when validating the Pod. All of a + Pod's containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, if HostProcess + is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: string + type: object + type: object + serviceAccount: + description: ServiceAccount + type: string + services: + description: Services Kubernetes services to be created for each workload. + items: + description: Service is a named abstraction of software service + (for example, mysql) consisting of local port (for example 3306) + that the proxy listens on, and the selector that determines which + pods will answer requests sent through the proxy. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: Spec defines the behavior of a service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + allocateLoadBalancerNodePorts: + description: allocateLoadBalancerNodePorts defines if NodePorts + will be automatically allocated for services with type + LoadBalancer. Default is "true". It may be set to "false" + if the cluster load-balancer does not rely on NodePorts. If + the caller requests specific NodePorts (by specifying + a value), those requests will be respected, regardless + of this field. This field may only be set for services + with type LoadBalancer and will be cleared if the type + is changed to any other type. + type: boolean + clusterIP: + description: 'clusterIP is the IP address of the service + and is usually assigned randomly. If an address is specified + manually, is in-range (as per system configuration), and + is not in use, it will be allocated to the service; otherwise + creation of the service will fail. This field may not + be changed through updates unless the type field is also + being changed to ExternalName (which requires this field + to be blank) or the type field is being changed from ExternalName + (in which case this field may optionally be specified, + as describe above). Valid values are "None", empty string + (""), or a valid IP address. Setting this to "None" makes + a "headless service" (no virtual IP), which is useful + when direct endpoint connections are preferred and proxying + is not required. Only applies to types ClusterIP, NodePort, + and LoadBalancer. If this field is specified when creating + a Service of type ExternalName, creation will fail. This + field will be wiped when updating a Service to type ExternalName. + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + clusterIPs: + description: "ClusterIPs is a list of IP addresses assigned + to this service, and are usually assigned randomly. If + an address is specified manually, is in-range (as per + system configuration), and is not in use, it will be allocated + to the service; otherwise creation of the service will + fail. This field may not be changed through updates unless + the type field is also being changed to ExternalName (which + requires this field to be empty) or the type field is + being changed from ExternalName (in which case this field + may optionally be specified, as describe above). Valid + values are \"None\", empty string (\"\"), or a valid IP + address. Setting this to \"None\" makes a \"headless + service\" (no virtual IP), which is useful when direct + endpoint connections are preferred and proxying is not + required. Only applies to types ClusterIP, NodePort, + and LoadBalancer. If this field is specified when creating + a Service of type ExternalName, creation will fail. This + field will be wiped when updating a Service to type ExternalName. + \ If this field is not specified, it will be initialized + from the clusterIP field. If this field is specified, + clients must ensure that clusterIPs[0] and clusterIP have + the same value. \n This field may hold a maximum of two + entries (dual-stack IPs, in either order). These IPs must + correspond to the values of the ipFamilies field. Both + clusterIPs and ipFamilies are governed by the ipFamilyPolicy + field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + items: + type: string + type: array + x-kubernetes-list-type: atomic + externalIPs: + description: externalIPs is a list of IP addresses for which + nodes in the cluster will also accept traffic for this + service. These IPs are not managed by Kubernetes. The + user is responsible for ensuring that traffic arrives + at a node with this IP. A common example is external + load-balancers that are not part of the Kubernetes system. + items: + type: string + type: array + externalName: + description: externalName is the external reference that + discovery mechanisms will return as an alias for this + service (e.g. a DNS CNAME record). No proxying will be + involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes distribute + service traffic they receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the service + in a way that assumes that external load balancers will + take care of balancing the service traffic between nodes, + and so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the client + source IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + Note that traffic sent to an External IP or LoadBalancer + IP from within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within the cluster + may need to take traffic policy into account when picking + a node. + type: string + healthCheckNodePort: + description: healthCheckNodePort specifies the healthcheck + nodePort for the service. This only applies when type + is set to LoadBalancer and externalTrafficPolicy is set + to Local. If a value is specified, is in-range, and is + not in use, it will be used. If not specified, a value + will be automatically allocated. External systems (e.g. + load-balancers) can use this port to determine if a given + node holds endpoints for this service or not. If this + field is specified when creating a Service which does + not need it, creation will fail. This field will be wiped + when updating a Service to no longer need it (e.g. changing + type). This field cannot be updated once set. + format: int32 + type: integer + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes distribute + service traffic they receive on the ClusterIP. If set + to "Local", the proxy will assume that pods only want + to talk to endpoints of the service on the same node as + the pod, dropping the traffic if there are no local endpoints. + The default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilies: + description: "IPFamilies is a list of IP families (e.g. + IPv4, IPv6) assigned to this service. This field is usually + assigned automatically based on cluster configuration + and the ipFamilyPolicy field. If this field is specified + manually, the requested family is available in the cluster, + and ipFamilyPolicy allows it, it will be used; otherwise + creation of the service will fail. This field is conditionally + mutable: it allows for adding or removing a secondary + IP family, but it does not allow changing the primary + IP family of the Service. Valid values are \"IPv4\" and + \"IPv6\". This field only applies to Services of types + ClusterIP, NodePort, and LoadBalancer, and does apply + to \"headless\" services. This field will be wiped when + updating a Service to type ExternalName. \n This field + may hold a maximum of two entries (dual-stack families, + in either order). These families must correspond to the + values of the clusterIPs field, if specified. Both clusterIPs + and ipFamilies are governed by the ipFamilyPolicy field." + items: + description: IPFamily represents the IP Family (IPv4 or + IPv6). This type is used to express the family of an + IP expressed by a type (e.g. service.spec.ipFamilies). + type: string + type: array + x-kubernetes-list-type: atomic + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is no + value provided, then this field will be set to SingleStack. + Services can be "SingleStack" (a single IP family), "PreferDualStack" + (two IP families on dual-stack configured clusters or + a single IP family on single-stack clusters), or "RequireDualStack" + (two IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend on + the value of this field. This field will be wiped when + updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If specified, + the value of this field must be a label-style identifier, + with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This field + can only be set when the Service type is 'LoadBalancer'. + If not set, the default load balancer implementation is + used, today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any default + load balancer implementation (e.g. cloud providers) should + ignore Services that set this field. This field can only + be set when creating or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will be wiped + when a service is updated to a non 'LoadBalancer' type. + type: string + loadBalancerIP: + description: 'Only applies to Service Type: LoadBalancer. + This feature depends on whether the underlying cloud-provider + supports specifying the loadBalancerIP when a load balancer + is created. This field will be ignored if the cloud-provider + does not support the feature. Deprecated: This field was + under-specified and its meaning varies across implementations, + and it cannot support dual-stack. As of Kubernetes v1.24, + users are encouraged to use implementation-specific annotations + when available. This field may be removed in a future + API version.' + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + ports: + description: 'The list of ports that are exposed by this + service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + items: + description: ServicePort contains information on service's + port. + properties: + appProtocol: + description: The application protocol for this port. + This field follows standard Kubernetes label syntax. + Un-prefixed names are reserved for IANA standard + service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). + Non-standard protocols should use prefixed names + such as mycompany.com/my-custom-protocol. + type: string + name: + description: The name of this port within the service. + This must be a DNS_LABEL. All ports within a ServiceSpec + must have unique names. When considering the endpoints + for a Service, this must match the 'name' field + in the EndpointPort. Optional if only one ServicePort + is defined on this service. + type: string + nodePort: + description: 'The port on each node on which this + service is exposed when type is NodePort or LoadBalancer. Usually + assigned by the system. If a value is specified, + in-range, and not in use it will be used, otherwise + the operation will fail. If not specified, a port + will be allocated if this Service requires one. If + this field is specified when creating a Service + which does not need it, creation will fail. This + field will be wiped when updating a Service to no + longer need it (e.g. changing type from NodePort + to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport' + format: int32 + type: integer + port: + description: The port that will be exposed by this + service. + format: int32 + type: integer + protocol: + default: TCP + description: The IP protocol for this port. Supports + "TCP", "UDP", and "SCTP". Default is TCP. + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: 'Number or name of the port to access + on the pods targeted by the service. Number must + be in the range 1 to 65535. Name must be an IANA_SVC_NAME. + If this is a string, it will be looked up as a named + port in the target Pod''s container ports. If this + is not specified, the value of the ''port'' field + is used (an identity map). This field is ignored + for services with clusterIP=None, and should be + omitted or set equal to the ''port'' field. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service' + x-kubernetes-int-or-string: true + required: + - port + type: object + type: array + x-kubernetes-list-map-keys: + - port + - protocol + x-kubernetes-list-type: map + publishNotReadyAddresses: + description: publishNotReadyAddresses indicates that any + agent which deals with endpoints for this Service should + disregard any indications of ready/not-ready. The primary + use case for setting this field is for a StatefulSet's + Headless Service to propagate SRV DNS records for its + Pods for the purpose of peer discovery. The Kubernetes + controllers that generate Endpoints and EndpointSlice + resources for Services interpret this to mean that all + endpoints are considered "ready" even if the Pods themselves + are not. Agents which consume only Kubernetes generated + endpoints through the Endpoints or EndpointSlice resources + can safely assume this behavior. + type: boolean + selector: + additionalProperties: + type: string + description: 'Route service traffic to pods with label keys + and values matching this selector. If empty or not present, + the service is assumed to have an external process managing + its endpoints, which Kubernetes will not modify. Only + applies to types ClusterIP, NodePort, and LoadBalancer. + Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/' + type: object + x-kubernetes-map-type: atomic + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to maintain + session affinity. Enable client IP based session affinity. + Must be ClientIP or None. Defaults to None. More info: + https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations of + Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The value + must be >0 && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing to endpoints. + Endpoints are determined by the selector or if that is + not specified, by manual construction of an Endpoints + object or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are published + as a set of endpoints rather than a virtual IP. "NodePort" + builds on ClusterIP and allocates a port on every node + which routes to the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to the + same endpoints as the clusterIP. "ExternalName" aliases + this service to the specified externalName. Several other + fields do not apply to ExternalName services. More info: + https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + status: + description: 'Most recently observed status of the service. + Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + conditions: + description: Current service state + items: + description: "Condition contains details for one aspect + of the current state of this API Resource. --- This + struct is intended for direct use as an array at the + field path .status.conditions. For example, \n type + FooStatus struct{ // Represents the observations of + a foo's current state. // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" + // +patchMergeKey=type // +patchStrategy=merge // +listType=map + // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the + condition transitioned from one status to another. + This should be when the underlying condition changed. If + that is not known, then using the time when the + API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty + string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the + .status.conditions[x].observedGeneration is 9, the + condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last transition. + Producers of specific condition types may define + expected values and meanings for this field, and + whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field + may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, + False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in + foo.example.com/CamelCase. --- Many .condition.type + values are consistent across resources like Available, + but because arbitrary conditions can be useful (see + .node.status.conditions), the ability to deconflict + is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + loadBalancer: + description: LoadBalancer contains the current status of + the load-balancer, if one is present. + properties: + ingress: + description: Ingress is a list containing ingress points + for the load-balancer. Traffic intended for the service + should be sent to these ingress points. + items: + description: 'LoadBalancerIngress represents the status + of a load-balancer ingress point: traffic intended + for the service should be sent to an ingress point.' + properties: + hostname: + description: Hostname is set for load-balancer + ingress points that are DNS based (typically + AWS load-balancers) + type: string + ip: + description: IP is set for load-balancer ingress + points that are IP based (typically GCE or OpenStack + load-balancers) + type: string + ports: + description: Ports is a list of records of service + ports If used, every port defined in the service + should have an entry in it + items: + properties: + error: + description: 'Error is to record the problem + with the service port The format of the + error shall comply with the following + rules: - built-in error values shall be + specified in this file and those shall + use CamelCase names - cloud provider specific + error values must have names that comply + with the format foo.example.com/CamelCase. + --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)' + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + port: + description: Port is the port number of + the service port of which status is recorded + here + format: int32 + type: integer + protocol: + default: TCP + description: 'Protocol is the protocol of + the service port of which status is recorded + here The supported values are: "TCP", + "UDP", "SCTP"' + type: string + required: + - port + - protocol + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: array + type: object + type: object + type: object + type: array + startScript: + default: /druid.sh + description: StartScript Path to Druid's start script to be run on + start. + type: string + startUpProbe: + description: StartUpProbe + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command is + simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to be + considered failed after having succeeded. Defaults to 3. Minimum + value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. This + is a beta field and requires enabling GRPCContainerProbe feature + gate. + properties: + port: + description: Port number of the gRPC service. Number must + be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to place + in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior is defined + by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the pod + IP. You probably want to set "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP allows + repeated headers. + items: + description: HTTPHeader describes a custom header to be + used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an + IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. Defaults + to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default + to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be + considered successful after having failed. Defaults to 1. Must + be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an + IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate + gracefully upon probe failure. The grace period is the duration + in seconds after the processes running in the pod are sent a + termination signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer than the expected + cleanup time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates stop immediately + via the kill signal (no opportunity to shut down). This is a + beta field and requires enabling ProbeTerminationGracePeriod + feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + tolerations: + description: Tolerations Kubernetes native `tolerations` specification. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + updateStrategy: + description: UpdateStrategy + properties: + rollingUpdate: + description: RollingUpdate is used to communicate parameters when + Type is RollingUpdateStatefulSetStrategyType. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of pods that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired pods (ex: 10%). Absolute number + is calculated from percentage by rounding up. This can not + be 0. Defaults to 1. This field is alpha-level and is only + honored by servers that enable the MaxUnavailableStatefulSet + feature. The field applies to all pods in the range 0 to + Replicas-1. That means if there is any unavailable pod in + the range 0 to Replicas-1, it will be counted towards MaxUnavailable.' + x-kubernetes-int-or-string: true + partition: + description: Partition indicates the ordinal at which the + StatefulSet should be partitioned for updates. During a + rolling update, all pods from ordinal Replicas-1 to Partition + are updated. All pods from ordinal Partition-1 to 0 remain + untouched. This is helpful in being able to do a canary + based deployment. The default value is 0. + format: int32 + type: integer + type: object + type: + description: Type indicates the type of the StatefulSetUpdateStrategy. + Default is RollingUpdate. + type: string + type: object + volumeClaimTemplates: + description: VolumeClaimTemplates Kubernetes Native `VolumeClaimTemplate` + specification. + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'spec defines the desired characteristics of a + volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified data + source, it will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will be copied + to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will + not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from which + to populate the volume with data, if a non-empty volume + is desired. This may be any object from a non-empty API + group (non core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only + succeed if the type of the specified object matches some + installed volume populator or dynamic provisioner. This + field will replace the functionality of the dataSource + field and as such if both fields are non-empty, they must + have the same value. For backwards compatibility, when + namespace isn''t specified in dataSourceRef, both fields + (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other + is non-empty. When namespace is specified in dataSourceRef, + dataSource isn''t set to the same value and must be empty. + There are three important differences between dataSource + and dataSourceRef: * While dataSource only allows two + specific types of objects, dataSourceRef allows any non-core + object, as well as PersistentVolumeClaim objects. * While + dataSource ignores disallowed values (dropping them), + dataSourceRef preserves all values, and generates an error + if a disallowed value is specified. * While dataSource + only allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires the + AnyVolumeDataSource feature gate to be enabled. (Alpha) + Using the namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object + is required in the referent namespace to allow that + namespace's owner to accept the reference. See the + ReferenceGrant documentation for details. (Alpha) + This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but must + still be higher than capacity recorded in the status field + of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: 'status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: allocatedResources is the storage resource + within AllocatedResources tracks the capacity allocated + to a PVC. It may be larger than the actual capacity when + a volume expansion operation is requested. For storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used. If allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation. If a volume expansion + capacity request is lowered, allocatedResources is only + lowered if there are no expansion operations in progress + and if the actual volume capacity is equal or lower than + the requested capacity. This is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature. + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: conditions is the current Condition of persistent + volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: reason is a unique, this should be a + short, machine understandable string that gives + the reason for condition's last transition. If it + reports "ResizeStarted" that means the underlying + persistent volume is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType is + a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + resizeStatus: + description: resizeStatus stores status of resize operation. + ResizeStatus is not set by default but when expansion + is complete resizeStatus is set to empty string by resize + controller or kubelet. This is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature. + type: string + type: object + type: object + type: array + volumeMounts: + description: VolumeMounts Kubernetes Native `VolumeMount` specification. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes Kubernetes Native `Volumes` specification. + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified through + a storage class, and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this volume + type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n Use + CSI for light-weight local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation of the + driver for more information. \n A pod can use both types of + ephemeral volumes and persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + object from a non-empty API group (non core object) + or a PersistentVolumeClaim object. When this field + is specified, volume binding will only succeed + if the type of the specified object matches some + installed volume populator or dynamic provisioner. + This field will replace the functionality of the + dataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the + same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types + of objects, dataSourceRef allows any non-core + object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using the + namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to + be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use for + this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds extra + command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret data + to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is no + group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in the + pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + zookeeper: + description: 'Zookeeper IGNORED (Future API): In order to make Druid + dependency setup extensible from within Druid operator.' + properties: + spec: + description: RawMessage is a raw encoded JSON value. It implements + Marshaler and Unmarshaler and can be used to delay JSON decoding + or precompute a JSON encoding. + format: byte + type: string + type: + type: string + required: + - spec + - type + type: object + required: + - common.runtime.properties + - nodes + type: object + status: + description: DruidClusterStatus Defines the observed state of Druid. + properties: + configMaps: + items: + type: string + type: array + deployments: + items: + type: string + type: array + druidNodeStatus: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + properties: + druidNode: + type: string + druidNodeConditionStatus: + type: string + druidNodeConditionType: + type: string + reason: + type: string + type: object + hpAutoscalers: + items: + type: string + type: array + ingress: + items: + type: string + type: array + persistentVolumeClaims: + items: + type: string + type: array + podDisruptionBudgets: + items: + type: string + type: array + pods: + items: + type: string + type: array + services: + items: + type: string + type: array + statefulSets: + items: + type: string + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/data/dataInfra_druid-operator/druid-operator-tiny-cluster-zk.yaml b/data/dataInfra_druid-operator/druid-operator-tiny-cluster-zk.yaml new file mode 100644 index 0000000000..482c24939d --- /dev/null +++ b/data/dataInfra_druid-operator/druid-operator-tiny-cluster-zk.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: tiny-cluster-zk +spec: + clusterIP: None + ports: + - name: zk-client-port + port: 2181 + - name: zk-fwr-port + port: 2888 + - name: zk-elec-port + port: 3888 + selector: + zk_cluster: tiny-cluster-zk +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + zk_cluster: tiny-cluster-zk + name: tiny-cluster-zk +spec: + replicas: 1 + selector: + matchLabels: + zk_cluster: tiny-cluster-zk + serviceName: tiny-cluster-zk + template: + metadata: + labels: + zk_cluster: tiny-cluster-zk + spec: + containers: + - env: + - name: ZOO_SERVERS + value: server.1=tiny-cluster-zk-0.tiny-cluster-zk:2888:3888;2181 + - name: SERVER_JVMFLAGS + value: -Xms256m -Xmx256m + image: zookeeper:3.7.0 + name: tiny-cluster-zk + command: + - /bin/sh + args: + - -c + - ZOO_MY_ID=$(( $(echo `hostname -s` | sed 's/[^0-9]//g') + 1 )) /docker-entrypoint.sh zkServer.sh start-foreground + ports: + - containerPort: 2181 + name: zk-client-port + - containerPort: 2888 + name: zk-fwr-port + - containerPort: 3888 + name: zk-elec-port + resources: + limits: + cpu: 1 + memory: 512Mi + requests: + cpu: 1 + memory: 512Mi + volumeMounts: + - mountPath: /data + name: druid-test-zk-data + - mountPath: /datalog + name: druid-test-zk-data-log + volumes: + - name: druid-test-zk-data + emptyDir: {} + - name: druid-test-zk-data-log + emptyDir: {} diff --git a/data/dataInfra_druid-operator/druid-operator-tiny-cluster.yaml b/data/dataInfra_druid-operator/druid-operator-tiny-cluster.yaml new file mode 100644 index 0000000000..c8e637b8df --- /dev/null +++ b/data/dataInfra_druid-operator/druid-operator-tiny-cluster.yaml @@ -0,0 +1,370 @@ +# This spec only works on a single node kubernetes cluster(e.g. typical k8s cluster setup for dev using kind/minikube or single node AWS EKS cluster etc) +# as it uses local disk as "deep storage". +# +apiVersion: "druid.apache.org/v1alpha1" +kind: "Druid" +metadata: + name: tiny-cluster +spec: + image: apache/druid:25.0.0 + # Optionally specify image for all nodes. Can be specify on nodes also + # imagePullSecrets: + # - name: tutu + startScript: /druid.sh + podLabels: + environment: stage + release: alpha + podAnnotations: + dummykey: dummyval + readinessProbe: + httpGet: + path: /status/health + port: 8088 + securityContext: + fsGroup: 1000 + runAsUser: 1000 + runAsGroup: 1000 + services: + - spec: + type: ClusterIP + clusterIP: None + commonConfigMountPath: "/opt/druid/conf/druid/cluster/_common" + jvm.options: |- + -server + -XX:MaxDirectMemorySize=10240g + -Duser.timezone=UTC + -Dfile.encoding=UTF-8 + -Dlog4j.debug + -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager + -Djava.io.tmpdir=/druid/data + log4j.config: |- + + + + + + + + + + + + + + common.runtime.properties: | + + # Zookeeper + druid.zk.service.host=tiny-cluster-zk-0.tiny-cluster-zk + druid.zk.paths.base=/druid + druid.zk.service.compress=false + + # Metadata Store + druid.metadata.storage.type=derby + druid.metadata.storage.connector.connectURI=jdbc:derby://localhost:1527/druid/data/derbydb/metadata.db;create=true + druid.metadata.storage.connector.host=localhost + druid.metadata.storage.connector.port=1527 + druid.metadata.storage.connector.createTables=true + + # Deep Storage + druid.storage.type=local + druid.storage.storageDirectory=/druid/deepstorage + # + # Extensions + # + druid.extensions.loadList=["druid-kafka-indexing-service"] + + # + # Service discovery + # + druid.selectors.indexing.serviceName=druid/overlord + druid.selectors.coordinator.serviceName=druid/coordinator + + druid.indexer.logs.type=file + druid.indexer.logs.directory=/druid/data/indexing-logs + druid.lookup.enableLookupSyncOnStartup=false + + metricDimensions.json: |- + { + "query/time" : { "dimensions" : ["dataSource", "type"], "type" : "timer"}, + "query/bytes" : { "dimensions" : ["dataSource", "type"], "type" : "count"}, + "query/node/time" : { "dimensions" : ["server"], "type" : "timer"}, + "query/node/ttfb" : { "dimensions" : ["server"], "type" : "timer"}, + "query/node/bytes" : { "dimensions" : ["server"], "type" : "count"}, + "query/node/backpressure": { "dimensions" : ["server"], "type" : "timer"}, + "query/intervalChunk/time" : { "dimensions" : [], "type" : "timer"}, + + "query/segment/time" : { "dimensions" : [], "type" : "timer"}, + "query/wait/time" : { "dimensions" : [], "type" : "timer"}, + "segment/scan/pending" : { "dimensions" : [], "type" : "gauge"}, + "query/segmentAndCache/time" : { "dimensions" : [], "type" : "timer" }, + "query/cpu/time" : { "dimensions" : ["dataSource", "type"], "type" : "timer" }, + + "query/count" : { "dimensions" : [], "type" : "count" }, + "query/success/count" : { "dimensions" : [], "type" : "count" }, + "query/failed/count" : { "dimensions" : [], "type" : "count" }, + "query/interrupted/count" : { "dimensions" : [], "type" : "count" }, + "query/timeout/count" : { "dimensions" : [], "type" : "count" }, + + "query/cache/delta/numEntries" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/sizeBytes" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/hits" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/misses" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/evictions" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/hitRate" : { "dimensions" : [], "type" : "count", "convertRange" : true }, + "query/cache/delta/averageBytes" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/timeouts" : { "dimensions" : [], "type" : "count" }, + "query/cache/delta/errors" : { "dimensions" : [], "type" : "count" }, + + "query/cache/total/numEntries" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/sizeBytes" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/hits" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/misses" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/evictions" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/hitRate" : { "dimensions" : [], "type" : "gauge", "convertRange" : true }, + "query/cache/total/averageBytes" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/timeouts" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/total/errors" : { "dimensions" : [], "type" : "gauge" }, + + "ingest/events/thrownAway" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/events/unparseable" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/events/duplicate" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/events/processed" : { "dimensions" : ["dataSource", "taskType", "taskId"], "type" : "count" }, + "ingest/events/messageGap" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "ingest/rows/output" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/persists/count" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/persists/time" : { "dimensions" : ["dataSource"], "type" : "timer" }, + "ingest/persists/cpu" : { "dimensions" : ["dataSource"], "type" : "timer" }, + "ingest/persists/backPressure" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "ingest/persists/failed" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/handoff/failed" : { "dimensions" : ["dataSource"], "type" : "count" }, + "ingest/merge/time" : { "dimensions" : ["dataSource"], "type" : "timer" }, + "ingest/merge/cpu" : { "dimensions" : ["dataSource"], "type" : "timer" }, + + "ingest/kafka/lag" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "ingest/kafka/maxLag" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "ingest/kafka/avgLag" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + + "task/success/count" : { "dimensions" : ["dataSource"], "type" : "count" }, + "task/failed/count" : { "dimensions" : ["dataSource"], "type" : "count" }, + "task/running/count" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "task/pending/count" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "task/waiting/count" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + + "taskSlot/total/count" : { "dimensions" : [], "type" : "gauge" }, + "taskSlot/idle/count" : { "dimensions" : [], "type" : "gauge" }, + "taskSlot/busy/count" : { "dimensions" : [], "type" : "gauge" }, + "taskSlot/lazy/count" : { "dimensions" : [], "type" : "gauge" }, + "taskSlot/blacklisted/count" : { "dimensions" : [], "type" : "gauge" }, + + "task/run/time" : { "dimensions" : ["dataSource", "taskType"], "type" : "timer" }, + "segment/added/bytes" : { "dimensions" : ["dataSource", "taskType"], "type" : "count" }, + "segment/moved/bytes" : { "dimensions" : ["dataSource", "taskType"], "type" : "count" }, + "segment/nuked/bytes" : { "dimensions" : ["dataSource", "taskType"], "type" : "count" }, + + "segment/assigned/count" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/moved/count" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/dropped/count" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/deleted/count" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/unneeded/count" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/unavailable/count" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "segment/underReplicated/count" : { "dimensions" : ["dataSource", "tier"], "type" : "gauge" }, + "segment/cost/raw" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/cost/normalization" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/cost/normalized" : { "dimensions" : ["tier"], "type" : "count" }, + "segment/loadQueue/size" : { "dimensions" : ["server"], "type" : "gauge" }, + "segment/loadQueue/failed" : { "dimensions" : ["server"], "type" : "gauge" }, + "segment/loadQueue/count" : { "dimensions" : ["server"], "type" : "gauge" }, + "segment/dropQueue/count" : { "dimensions" : ["server"], "type" : "gauge" }, + "segment/size" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "segment/overShadowed/count" : { "dimensions" : [], "type" : "gauge" }, + + "segment/max" : { "dimensions" : [], "type" : "gauge"}, + "segment/used" : { "dimensions" : ["dataSource", "tier", "priority"], "type" : "gauge" }, + "segment/usedPercent" : { "dimensions" : ["dataSource", "tier", "priority"], "type" : "gauge", "convertRange" : true }, + "segment/pendingDelete" : { "dimensions" : [], "type" : "gauge"}, + + "jvm/pool/committed" : { "dimensions" : ["poolKind", "poolName"], "type" : "gauge" }, + "jvm/pool/init" : { "dimensions" : ["poolKind", "poolName"], "type" : "gauge" }, + "jvm/pool/max" : { "dimensions" : ["poolKind", "poolName"], "type" : "gauge" }, + "jvm/pool/used" : { "dimensions" : ["poolKind", "poolName"], "type" : "gauge" }, + "jvm/bufferpool/count" : { "dimensions" : ["bufferpoolName"], "type" : "gauge" }, + "jvm/bufferpool/used" : { "dimensions" : ["bufferpoolName"], "type" : "gauge" }, + "jvm/bufferpool/capacity" : { "dimensions" : ["bufferpoolName"], "type" : "gauge" }, + "jvm/mem/init" : { "dimensions" : ["memKind"], "type" : "gauge" }, + "jvm/mem/max" : { "dimensions" : ["memKind"], "type" : "gauge" }, + "jvm/mem/used" : { "dimensions" : ["memKind"], "type" : "gauge" }, + "jvm/mem/committed" : { "dimensions" : ["memKind"], "type" : "gauge" }, + "jvm/gc/count" : { "dimensions" : ["gcName", "gcGen"], "type" : "count" }, + "jvm/gc/cpu" : { "dimensions" : ["gcName", "gcGen"], "type" : "count" }, + + "ingest/events/buffered" : { "dimensions" : ["serviceName", "bufferCapacity"], "type" : "gauge"}, + + "sys/swap/free" : { "dimensions" : [], "type" : "gauge"}, + "sys/swap/max" : { "dimensions" : [], "type" : "gauge"}, + "sys/swap/pageIn" : { "dimensions" : [], "type" : "gauge"}, + "sys/swap/pageOut" : { "dimensions" : [], "type" : "gauge"}, + "sys/disk/write/count" : { "dimensions" : ["fsDevName"], "type" : "count"}, + "sys/disk/read/count" : { "dimensions" : ["fsDevName"], "type" : "count"}, + "sys/disk/write/size" : { "dimensions" : ["fsDevName"], "type" : "count"}, + "sys/disk/read/size" : { "dimensions" : ["fsDevName"], "type" : "count"}, + "sys/net/write/size" : { "dimensions" : [], "type" : "count"}, + "sys/net/read/size" : { "dimensions" : [], "type" : "count"}, + "sys/fs/used" : { "dimensions" : ["fsDevName", "fsDirName", "fsTypeName", "fsSysTypeName", "fsOptions"], "type" : "gauge"}, + "sys/fs/max" : { "dimensions" : ["fsDevName", "fsDirName", "fsTypeName", "fsSysTypeName", "fsOptions"], "type" : "gauge"}, + "sys/mem/used" : { "dimensions" : [], "type" : "gauge"}, + "sys/mem/max" : { "dimensions" : [], "type" : "gauge"}, + "sys/storage/used" : { "dimensions" : ["fsDirName"], "type" : "gauge"}, + "sys/cpu" : { "dimensions" : ["cpuName", "cpuTime"], "type" : "gauge"}, + + "coordinator-segment/count" : { "dimensions" : ["dataSource"], "type" : "gauge" }, + "historical-segment/count" : { "dimensions" : ["dataSource", "tier", "priority"], "type" : "gauge" }, + + "jetty/numOpenConnections" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/caffeine/total/requests" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/caffeine/total/loadTime" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/caffeine/total/evictionBytes" : { "dimensions" : [], "type" : "gauge" }, + "query/cache/memcached/total" : { "dimensions" : ["[MEM] Reconnecting Nodes (ReconnectQueue)", + "[MEM] Request Rate: All", + "[MEM] Average Bytes written to OS per write", + "[MEM] Average Bytes read from OS per read", + "[MEM] Response Rate: All (Failure + Success + Retry)", + "[MEM] Response Rate: Retry", + "[MEM] Response Rate: Failure", + "[MEM] Response Rate: Success"], + "type" : "gauge" }, + "query/cache/caffeine/delta/requests" : { "dimensions" : [], "type" : "count" }, + "query/cache/caffeine/delta/loadTime" : { "dimensions" : [], "type" : "count" }, + "query/cache/caffeine/delta/evictionBytes" : { "dimensions" : [], "type" : "count" }, + "query/cache/memcached/delta" : { "dimensions" : ["[MEM] Reconnecting Nodes (ReconnectQueue)", + "[MEM] Request Rate: All", + "[MEM] Average Bytes written to OS per write", + "[MEM] Average Bytes read from OS per read", + "[MEM] Response Rate: All (Failure + Success + Retry)", + "[MEM] Response Rate: Retry", + "[MEM] Response Rate: Failure", + "[MEM] Response Rate: Success"], + "type" : "count" } + } + + volumeMounts: + - mountPath: /druid/data + name: data-volume + - mountPath: /druid/deepstorage + name: deepstorage-volume + volumes: + - name: data-volume + emptyDir: {} + - name: deepstorage-volume + hostPath: + path: /tmp/druid/deepstorage + type: DirectoryOrCreate + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + + nodes: + brokers: + # Optionally specify for running broker as Deployment + # kind: Deployment + nodeType: "broker" + # Optionally specify for broker nodes + # imagePullSecrets: + # - name: tutu + druid.port: 8088 + nodeConfigMountPath: "/opt/druid/conf/druid/cluster/query/broker" + replicas: 1 + volumeClaimTemplates: + - metadata: + name: data-volume + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: standard + runtime.properties: | + druid.service=druid/broker + # HTTP server threads + druid.broker.http.numConnections=5 + druid.server.http.numThreads=10 + # Processing threads and buffers + druid.processing.buffer.sizeBytes=1 + druid.processing.numMergeBuffers=1 + druid.processing.numThreads=1 + druid.sql.enable=true + extra.jvm.options: |- + -Xmx512M + -Xms512M + + coordinators: + # Optionally specify for running coordinator as Deployment + # kind: Deployment + nodeType: "coordinator" + druid.port: 8088 + nodeConfigMountPath: "/opt/druid/conf/druid/cluster/master/coordinator-overlord" + replicas: 1 + runtime.properties: | + druid.service=druid/coordinator + + # HTTP server threads + druid.coordinator.startDelay=PT30S + druid.coordinator.period=PT30S + + # Configure this coordinator to also run as Overlord + druid.coordinator.asOverlord.enabled=true + druid.coordinator.asOverlord.overlordService=druid/overlord + druid.indexer.queue.startDelay=PT30S + druid.indexer.runner.type=local + extra.jvm.options: |- + -Xmx512M + -Xms512M + + historicals: + nodeType: "historical" + druid.port: 8088 + nodeConfigMountPath: "/opt/druid/conf/druid/cluster/data/historical" + replicas: 1 + runtime.properties: | + druid.service=druid/historical + druid.server.http.numThreads=5 + druid.processing.buffer.sizeBytes=536870912 + druid.processing.numMergeBuffers=1 + druid.processing.numThreads=1 + + # Segment storage + druid.segmentCache.locations=[{\"path\":\"/druid/data/segments\",\"maxSize\":10737418240}] + druid.server.maxSize=10737418240 + extra.jvm.options: |- + -Xmx512M + -Xms512M + + routers: + nodeType: "router" + druid.port: 8088 + nodeConfigMountPath: "/opt/druid/conf/druid/cluster/query/router" + replicas: 1 + runtime.properties: | + druid.service=druid/router + + # HTTP proxy + druid.router.http.numConnections=10 + druid.router.http.readTimeout=PT5M + druid.router.http.numMaxThreads=10 + druid.server.http.numThreads=10 + + # Service discovery + druid.router.defaultBrokerServiceName=druid/broker + druid.router.coordinatorServiceName=druid/coordinator + + # Management proxy to coordinator / overlord: required for unified web console. + druid.router.managementProxy.enabled=true + extra.jvm.options: |- + -Xmx512M + -Xms512M From b240763ef59e4e0ac866fb01b7ac090d1c40c987 Mon Sep 17 00:00:00 2001 From: hhh <143368491+zyzuiuc@users.noreply.github.com> Date: Sat, 16 Mar 2024 17:51:35 -0500 Subject: [PATCH 34/38] add mysql-operator config files (#356) --- data/mysql_mysql-operator/context.json | 1350 +++++++++++++++++ data/mysql_mysql-operator/deploy-crds.yaml | 1095 +++++++++++++ .../mysql_mysql-operator/deploy-operator.yaml | 199 +++ .../mysql-operator-config.json | 36 + .../mysql-operator-cr.yaml | 23 + data/mysql_mysql-operator/secret.yaml | 19 + 6 files changed, 2722 insertions(+) create mode 100644 data/mysql_mysql-operator/context.json create mode 100644 data/mysql_mysql-operator/deploy-crds.yaml create mode 100644 data/mysql_mysql-operator/deploy-operator.yaml create mode 100644 data/mysql_mysql-operator/mysql-operator-config.json create mode 100644 data/mysql_mysql-operator/mysql-operator-cr.yaml create mode 100644 data/mysql_mysql-operator/secret.yaml diff --git a/data/mysql_mysql-operator/context.json b/data/mysql_mysql-operator/context.json new file mode 100644 index 0000000000..bcf4dcac55 --- /dev/null +++ b/data/mysql_mysql-operator/context.json @@ -0,0 +1,1350 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "creationTimestamp": "2024-03-10T01:22:54Z", + "generation": 1, + "name": "innodbclusters.mysql.oracle.com", + "resourceVersion": "625", + "uid": "ba1d54fb-a175-4df8-83fb-4e793e61ec54" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "mysql.oracle.com", + "names": { + "kind": "InnoDBCluster", + "listKind": "InnoDBClusterList", + "plural": "innodbclusters", + "shortNames": [ + "ic", + "ics" + ], + "singular": "innodbcluster" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "description": "Status of the InnoDB Cluster", + "jsonPath": ".status.cluster.status", + "name": "Status", + "type": "string" + }, + { + "description": "Number of ONLINE InnoDB Cluster instances", + "jsonPath": ".status.cluster.onlineInstances", + "name": "Online", + "type": "integer" + }, + { + "description": "Number of InnoDB Cluster instances configured", + "jsonPath": ".spec.instances", + "name": "Instances", + "type": "integer" + }, + { + "description": "Number of Router instances configured for the InnoDB Cluster", + "jsonPath": ".spec.router.instances", + "name": "Routers", + "type": "integer" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v2", + "schema": { + "openAPIV3Schema": { + "properties": { + "metadata": { + "properties": { + "name": { + "maxLength": 40, + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "backupProfiles": { + "description": "Backup profile specifications for the cluster, which can be referenced from backup schedules and one-off backup jobs", + "items": { + "properties": { + "dumpInstance": { + "properties": { + "dumpOptions": { + "description": "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Name of the OCI bucket where backup is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in bucket where backup is stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. Used 'as is' in pod executing the backup.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "name": { + "description": "Embedded backup profile, referenced as backupProfileName elsewhere", + "type": "string" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "snapshot": { + "properties": { + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Bucket name where backup is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in bucket where backup is stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. Used 'as is' in pod executing the backup.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "backupSchedules": { + "description": "Schedules for periodically executed backups", + "items": { + "properties": { + "backupProfile": { + "description": "backupProfile specification if backupProfileName is not specified", + "properties": { + "dumpInstance": { + "properties": { + "dumpOptions": { + "description": "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Name of the OCI Bucket where backup is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in bucket where backup is stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. Used 'as is' in pod executing the backup.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "backupProfileName": { + "description": "Name of the backupProfile to be used", + "type": "string" + }, + "deleteBackupData": { + "default": false, + "description": "Whether to delete the backup data in case the MySQLBackup object created by the job is deleted", + "type": "boolean" + }, + "enabled": { + "default": true, + "description": "Whether the schedule is enabled or not", + "type": "boolean" + }, + "name": { + "description": "Name of the backup schedule", + "type": "string" + }, + "schedule": { + "description": "The schedule of the job, syntax as a cron expression", + "type": "string" + }, + "timeZone": { + "description": "Timezone for the backup schedule, example: 'America/New_York'", + "type": "string" + } + }, + "required": [ + "name", + "schedule" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "baseServerId": { + "default": 1000, + "description": "Base value for MySQL server_id for instances in the cluster", + "maximum": 4294967195, + "minimum": 0, + "type": "integer" + }, + "datadirVolumeClaimTemplate": { + "description": "Template for a PersistentVolumeClaim, to be used as datadir", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "edition": { + "description": "MySQL Server Edition (community or enterprise)", + "pattern": "^(community|enterprise)$", + "type": "string" + }, + "imagePullPolicy": { + "description": "Defaults to Always, but set to IfNotPresent in deploy-operator.yaml when deploying Operator", + "type": "string" + }, + "imagePullSecrets": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "imageRepository": { + "description": "Repository where images are pulled from; defaults to container-registry.oracle.com/mysql", + "type": "string" + }, + "initDB": { + "properties": { + "clone": { + "properties": { + "donorUrl": { + "description": "URL of the cluster to clone from", + "type": "string" + }, + "rootUser": { + "default": "root", + "description": "User name used for cloning", + "type": "string" + }, + "secretKeyRef": { + "properties": { + "name": { + "description": "Secret name with key 'rootPassword' storing the password for the user specified in rootUser", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "required": [ + "donorUrl", + "secretKeyRef" + ], + "type": "object" + }, + "dump": { + "properties": { + "name": { + "description": "Name of the dump. Not used by the operator, but a descriptive hint for the cluster administrator", + "type": "string" + }, + "options": { + "description": "A dictionary of key-value pairs passed directly to MySQL Shell's loadDump()", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "path": { + "description": "Path to the dump in the PVC. Use when specifying persistentVolumeClaim. Omit for ociObjectStorage, S3, or azure.", + "type": "string" + }, + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "prefix", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Name of the OCI bucket where the dump is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "prefix", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. Used 'as is' in the cloning pod.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "prefix", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "storage" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "instances": { + "default": 1, + "description": "Number of MySQL replica instances for the cluster", + "maximum": 9, + "minimum": 1, + "type": "integer" + }, + "keyring": { + "description": "Keyring specification", + "properties": { + "encryptedFile": { + "description": "Keyring 'Encrypted File' specification", + "properties": { + "fileName": { + "default": "mysql_keyring", + "description": "Path to the keyring file name inside the storage volume (will be prefixed by mount path)", + "type": "string" + }, + "password": { + "description": "Name of a secret that contains password for the keyring in the key 'keyring_password'", + "type": "string" + }, + "readOnly": { + "default": false, + "description": "Whether to open the keyring file in read-only mode", + "type": "boolean" + }, + "storage": { + "description": "Specification of the volume to be mounted where the keyring file resides", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "storage", + "password" + ], + "type": "object" + }, + "file": { + "description": "Keyring 'File' specification", + "properties": { + "fileName": { + "default": "mysql_keyring", + "description": "Path to the keyring file name inside the storage volume (will be prefixed by mount path)", + "type": "string" + }, + "readOnly": { + "default": false, + "description": "Whether to open the keyring file in read-only mode", + "type": "boolean" + }, + "storage": { + "description": "Specification of the volume to be mounted where the keyring file resides", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "storage" + ], + "type": "object" + }, + "oci": { + "description": "Keyring 'OCI' specification", + "properties": { + "caCertificate": { + "description": "Secret that contains ca.crt field with CA certificate bundle file that the keyring_oci plugin uses for Oracle Cloud Infrastructure certificate verification", + "type": "string" + }, + "compartment": { + "description": "Compartment identifier in the form ocid1.compartment.oc1...", + "pattern": "^ocid1\\.compartment\\.", + "type": "string" + }, + "endpoints": { + "properties": { + "encryption": { + "description": "Encryption endpoint URI like {identifier}-crypto.kms.{region}.oraclecloud.com", + "type": "string" + }, + "management": { + "description": "Management endpoint URI like {identifier}-management.kms.{region}.oraclecloud.com", + "type": "string" + }, + "secrets": { + "description": "Secrets endpoint URI like secrets.vaults.{region}.oci.oraclecloud.com", + "type": "string" + }, + "vaults": { + "description": "Vaults endpoint URI like vaults.{region}.oci.oraclecloud.com", + "type": "string" + } + }, + "type": "object" + }, + "keyFingerprint": { + "description": "Private key fingerprint", + "pattern": "([0-9a-f]{2}:){15}[0-9a-f]{2}$", + "type": "string" + }, + "keySecret": { + "description": "A secret that contains the private key under the field 'privatekey'", + "type": "string" + }, + "masterKey": { + "description": "Master key identified in the form ocid1.key.oc1...", + "pattern": "^ocid1\\.key\\.", + "type": "string" + }, + "tenancy": { + "description": "Tenancy identifier in the form ocid1.tenancy.oc1...", + "pattern": "^ocid1\\.tenancy\\.", + "type": "string" + }, + "user": { + "description": "User identifier in the form of ocid1.user.oc1...", + "pattern": "^ocid1\\.user\\.", + "type": "string" + }, + "virtualVault": { + "description": "Vault identifier in the form ocid1.vault.oc1...", + "pattern": "^ocid1\\.vault\\.", + "type": "string" + } + }, + "required": [ + "user", + "keySecret", + "keyFingerprint", + "tenancy" + ], + "type": "object" + } + }, + "type": "object" + }, + "logs": { + "properties": { + "collector": { + "oneOf": [ + { + "required": [ + "image", + "fluentd" + ] + } + ], + "properties": { + "containerName": { + "default": "logcollector", + "description": "Name of the collector container sidecar", + "type": "string" + }, + "env": { + "items": { + "description": "Environment variables to be passed to the image. Definition will be directly copied like podSpec fields are", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "fluentd": { + "description": "Properties of the fluentd log collector", + "oneOf": [ + { + "required": [ + "sinks" + ] + } + ], + "properties": { + "additionalFilterConfiguration": { + "description": "Raw configuration of additional Fluentd filters to be added to the configuration file", + "type": "string" + }, + "errorLog": { + "properties": { + "options": { + "description": "fluentd specific options for the error log", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tag": { + "default": "", + "description": "Tag for the error log records", + "type": "string" + } + }, + "type": "object" + }, + "generalLog": { + "properties": { + "options": { + "description": "fluentd specific options for the general log", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tag": { + "default": "", + "description": "Tag for the general log records", + "type": "string" + } + }, + "type": "object" + }, + "recordAugmentation": { + "properties": { + "annotations": { + "items": { + "properties": { + "annotationName": { + "description": "Name of the pod label that holds the value to be stored under fieldName in the log record", + "type": "string" + }, + "fieldName": { + "description": "Name of the field added to the log record with value from annotationName", + "type": "string" + } + }, + "required": [ + "fieldName", + "annotationName" + ], + "type": "object" + }, + "type": "array" + }, + "enabled": { + "default": false, + "description": "Whether to enable record augmentation with additional data", + "type": "boolean" + }, + "labels": { + "items": { + "properties": { + "fieldName": { + "description": "Name of the field added to the log record with value from labelName", + "type": "string" + }, + "labelName": { + "description": "Name of the pod label that holds the value to be stored under fieldName in the log record", + "type": "string" + } + }, + "required": [ + "fieldName", + "labelName" + ], + "type": "object" + }, + "type": "array" + }, + "podFields": { + "items": { + "properties": { + "fieldName": { + "description": "Name of the field added to the log record with value taken from a field with path stored in fieldPath", + "type": "string" + }, + "fieldPath": { + "description": "Value for the field fieldName. The path should be of the same syntax as the one used for mounting environment variables from field reference - valueFrom.fieldRef.fieldPath . The field will be mounted in the pod as a environment variable, prefixed with a prefix and used then added to the log record. Examples for fieldRef are : spec.nodeName, metadata.namespace, status.podIP, etc.", + "type": "string" + } + }, + "required": [ + "fieldName", + "fieldPath" + ], + "type": "object" + }, + "type": "array" + }, + "resourceFields": { + "items": { + "properties": { + "containerName": { + "type": "string" + }, + "fieldName": { + "description": "Name of the field added to the log record with value taken from a field with path stored in fieldPath", + "type": "string" + }, + "resource": { + "description": "See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/#use-container-fields-as-values-for-environment-variables", + "type": "string" + } + }, + "required": [ + "fieldName", + "containerName", + "resource" + ], + "type": "object" + }, + "type": "array" + }, + "staticFields": { + "items": { + "properties": { + "fieldName": { + "description": "Name of the field added to the log record with value from fieldValue", + "type": "string" + }, + "fieldValue": { + "description": "Value for the static field with name taken from fieldName", + "type": "string" + } + }, + "required": [ + "fieldName", + "fieldValue" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "sinks": { + "items": { + "properties": { + "name": { + "description": "Name of the sink. Used only for documentation purposes", + "type": "string" + }, + "rawConfig": { + "description": "Raw configuration of the sink", + "type": "string" + } + }, + "required": [ + "name", + "rawConfig" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "slowQueryLog": { + "properties": { + "options": { + "description": "fluentd specific options for the slow log", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tag": { + "default": "", + "description": "Tag for the slow log records", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "image": { + "description": "Name of an image, including registry and repository, to be used for the log collector sidecar. If provided it needs to be an image for the configured collector type.", + "type": "string" + } + }, + "type": "object" + }, + "error": { + "properties": { + "collect": { + "default": false, + "description": "Whether error logging data should be collected. Implies that the logging should be enabled. If enabled the error log will be switched to JSON format output", + "type": "boolean" + }, + "verbosity": { + "default": 3, + "description": "Log error verbosity. For details, see the MySQL Server --log-error-verbosity documentation.", + "maximum": 3, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "general": { + "properties": { + "collect": { + "default": false, + "description": "Whether general logging data should be collected. Implies that the logging should be enabled.", + "type": "boolean" + }, + "enabled": { + "default": false, + "description": "Whether general logging should be enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "slowQuery": { + "properties": { + "collect": { + "default": false, + "description": "Whether slow query logging data should be collected. Implies that the logging should be enabled.", + "type": "boolean" + }, + "enabled": { + "default": false, + "description": "Whether slow query logging should be enabled", + "type": "boolean" + }, + "longQueryTime": { + "default": 10, + "description": "Long query time threshold", + "minimum": 0, + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "metrics": { + "description": "Configuration of a Prometheus-style metrics provider", + "properties": { + "enable": { + "default": false, + "description": "Toggle to enable or disable the metrics sidecar", + "type": "boolean" + }, + "image": { + "description": "Name of an image to be used for the metrics sidecar, if provided metrics will be enabled", + "type": "string" + }, + "monitor": { + "default": false, + "description": "Create a ServiceMonitor for Prometheus Operator", + "type": "boolean" + }, + "monitorSpec": { + "default": {}, + "description": "Custom configuration for the ServiceMonitor object", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "options": { + "description": "Options passed to the metrics provider as command line arguments", + "items": { + "type": "string" + }, + "type": "array" + }, + "tlsSecret": { + "description": "Name of a Secret with TLS certificate, key and CA, which will be mounted at /tls into the container an can be used from webConfig", + "type": "string" + }, + "webConfig": { + "description": "Name of a ConfigMap with a web.config file, if this option is provided a command line option --web.config.file is added", + "type": "string" + } + }, + "required": [ + "enable", + "image" + ], + "type": "object" + }, + "mycnf": { + "description": "Custom configuration additions for my.cnf", + "type": "string" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podSpec": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "readReplicas": { + "items": { + "properties": { + "baseServerId": { + "default": 0, + "description": "Base value for MySQL server_id for instances of the readReplica, if 0 it will be assigned automatically", + "maximum": 4294967195, + "minimum": 0, + "type": "integer" + }, + "datadirVolumeClaimTemplate": { + "description": "Template for a PersistentVolumeClaim, to be used as datadir", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "instances": { + "default": 1, + "description": "Number of MySQL instances for the set of read replica", + "maximum": 999, + "minimum": 1, + "type": "integer" + }, + "mycnf": { + "description": "Custom configuration additions for my.cnf", + "type": "string" + }, + "name": { + "type": "string" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podSpec": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "version": { + "description": "MySQL Server version", + "pattern": "^\\d+\\.\\d+\\.\\d+(-.+)?", + "type": "string" + } + }, + "required": [ + "name", + "baseServerId" + ], + "type": "object" + }, + "type": "array" + }, + "router": { + "description": "MySQL Router specification", + "properties": { + "bootstrapOptions": { + "description": "Command line options passed to MySQL Router while bootstrapping", + "items": { + "type": "string" + }, + "type": "array" + }, + "instances": { + "default": 1, + "description": "Number of MySQL Router instances to deploy", + "minimum": 0, + "type": "integer" + }, + "options": { + "description": "Command line options passed to MySQL Router while running", + "items": { + "type": "string" + }, + "type": "array" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podSpec": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "routingOptions": { + "description": "Set routing options for the cluster", + "properties": { + "invalidated_cluster_policy": { + "enum": [ + "drop_all", + "accept_ro" + ], + "type": "string" + }, + "read_only_targets": { + "enum": [ + "all", + "read_replicas", + "secondaries" + ], + "type": "string" + }, + "stats_updates_frequency": { + "default": 0, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "tlsSecretName": { + "description": "Name of a TLS type Secret containing MySQL Router certificate and private key used for SSL", + "type": "string" + }, + "version": { + "description": "Override MySQL Router version", + "pattern": "^\\d+\\.\\d+\\.\\d+(-.+)?", + "type": "string" + } + }, + "type": "object" + }, + "secretName": { + "description": "Name of a generic type Secret containing root/default account password", + "type": "string" + }, + "service": { + "description": "Configuration of the Service used by applications connecting to the InnoDB Cluster", + "properties": { + "annotations": { + "description": "Custom annotations for the Service", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "defaultPort": { + "default": "mysql-rw", + "description": "Target for the Service's default (3306) port. If mysql-rw traffic will go to the primary and allow read and write operations, with mysql-ro traffic goes to the replica and allows only read operations, with mysql-rw-split the router's read-write-splitting will be targeted", + "enum": [ + "mysql-rw", + "mysql-ro", + "mysql-rw-split" + ], + "type": "string" + }, + "labels": { + "description": "Custom labels for the Service", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": { + "default": "ClusterIP", + "enum": [ + "ClusterIP", + "NodePort", + "LoadBalancer" + ], + "type": "string" + } + }, + "type": "object" + }, + "serviceAccountName": { + "type": "string" + }, + "tlsCASecretName": { + "description": "Name of a generic type Secret containing CA (ca.pem) and optional CRL (crl.pem) for SSL", + "type": "string" + }, + "tlsSecretName": { + "description": "Name of a TLS type Secret containing Server certificate and private key for SSL", + "type": "string" + }, + "tlsUseSelfSigned": { + "default": false, + "description": "Enables use of self-signed TLS certificates, reducing or disabling TLS based security verifications", + "type": "boolean" + }, + "version": { + "description": "MySQL Server version", + "pattern": "^\\d+\\.\\d+\\.\\d+(-.+)?", + "type": "string" + } + }, + "required": [ + "secretName" + ], + "type": "object" + }, + "status": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "InnoDBCluster", + "listKind": "InnoDBClusterList", + "plural": "innodbclusters", + "shortNames": [ + "ic", + "ics" + ], + "singular": "innodbcluster" + }, + "conditions": [ + { + "lastTransitionTime": "2024-03-10T01:22:54Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-03-10T01:22:54Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v2" + ] + } + }, + "group": "mysql.oracle.com", + "plural": "innodbclusters", + "version": "v2" + }, + "learnrun_time": 426.91398000717163, + "namespace": "mysql-operator", + "preload_images": [ + "container-registry.oracle.com/mysql/community-operator:8.3.0-2.1.2", + "container-registry.oracle.com/mysql/community-server:8.3.0", + "container-registry.oracle.com/mysql/community-router:8.3.0" + ], + "static_analysis_time": 8.106231689453125e-06 +} \ No newline at end of file diff --git a/data/mysql_mysql-operator/deploy-crds.yaml b/data/mysql_mysql-operator/deploy-crds.yaml new file mode 100644 index 0000000000..d25b1bdad1 --- /dev/null +++ b/data/mysql_mysql-operator/deploy-crds.yaml @@ -0,0 +1,1095 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: innodbclusters.mysql.oracle.com +spec: + group: mysql.oracle.com + versions: + - name: v2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: ["spec"] + properties: + metadata: + type: object + properties: + name: + type: string + maxLength: 40 + spec: + type: object + required: ["secretName"] + properties: + secretName: + type: string + description: "Name of a generic type Secret containing root/default account password" + tlsCASecretName: + type: string + description: "Name of a generic type Secret containing CA (ca.pem) and optional CRL (crl.pem) for SSL" + tlsSecretName: + type: string + description: "Name of a TLS type Secret containing Server certificate and private key for SSL" + tlsUseSelfSigned: + type: boolean + default: false + description: "Enables use of self-signed TLS certificates, reducing or disabling TLS based security verifications" + version: + type: string + pattern: '^\d+\.\d+\.\d+(-.+)?' + description: "MySQL Server version" + edition: + type: string + pattern: "^(community|enterprise)$" + description: "MySQL Server Edition (community or enterprise)" + imageRepository: + type: string + description: "Repository where images are pulled from; defaults to container-registry.oracle.com/mysql" + imagePullPolicy: + type: string + description: "Defaults to Always, but set to IfNotPresent in deploy-operator.yaml when deploying Operator" + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + serviceAccountName: + type: string + baseServerId: + type: integer + minimum: 0 + maximum: 4294967195 + default: 1000 + description: "Base value for MySQL server_id for instances in the cluster" + datadirVolumeClaimTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + description: "Template for a PersistentVolumeClaim, to be used as datadir" + mycnf: + type: string + description: "Custom configuration additions for my.cnf" + instances: + type: integer + minimum: 1 + maximum: 9 + default: 1 + description: "Number of MySQL replica instances for the cluster" + podSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + keyring: + type: object + description: "Keyring specification" + properties: + file: + type: object + description: "Keyring 'File' specification" + required: ["storage"] + properties: + fileName: + type: string + default: "mysql_keyring" + description: "Path to the keyring file name inside the storage volume (will be prefixed by mount path)" + readOnly: + type: boolean + default: false + description: "Whether to open the keyring file in read-only mode" + storage: + type: object + description : "Specification of the volume to be mounted where the keyring file resides" + x-kubernetes-preserve-unknown-fields: true + encryptedFile: + type: object + description: "Keyring 'Encrypted File' specification" + required: ["storage", "password"] + properties: + fileName: + type: string + default: "mysql_keyring" + description: "Path to the keyring file name inside the storage volume (will be prefixed by mount path)" + readOnly: + type: boolean + default: false + description: "Whether to open the keyring file in read-only mode" + password: + type: string + description: "Name of a secret that contains password for the keyring in the key 'keyring_password'" + storage: + type: object + description : "Specification of the volume to be mounted where the keyring file resides" + x-kubernetes-preserve-unknown-fields: true + oci: + type: object + description: "Keyring 'OCI' specification" + required: ["user", "keySecret", "keyFingerprint", "tenancy"] + properties: + user: + type: string + description: "User identifier in the form of ocid1.user.oc1..." + pattern: '^ocid1\.user\.' + keySecret: + type: string + description: "A secret that contains the private key under the field 'privatekey'" + keyFingerprint: + type: string + description: "Private key fingerprint" + pattern: '([0-9a-f]{2}:){15}[0-9a-f]{2}$' + tenancy: + type: string + description: "Tenancy identifier in the form ocid1.tenancy.oc1..." + pattern: '^ocid1\.tenancy\.' + compartment: + type: string + description: "Compartment identifier in the form ocid1.compartment.oc1..." + pattern: '^ocid1\.compartment\.' + virtualVault: + type: string + description: "Vault identifier in the form ocid1.vault.oc1..." + pattern: '^ocid1\.vault\.' + masterKey: + type: string + description: "Master key identified in the form ocid1.key.oc1..." + pattern: '^ocid1\.key\.' + endpoints: + type: object + description: "" + properties: + encryption: + type: string + description: "Encryption endpoint URI like {identifier}-crypto.kms.{region}.oraclecloud.com" + management: + type: string + description: "Management endpoint URI like {identifier}-management.kms.{region}.oraclecloud.com" + vaults: + type: string + description: "Vaults endpoint URI like vaults.{region}.oci.oraclecloud.com" + secrets: + type: string + description: "Secrets endpoint URI like secrets.vaults.{region}.oci.oraclecloud.com" + caCertificate: + type: string + description: "Secret that contains ca.crt field with CA certificate bundle file that the keyring_oci plugin uses for Oracle Cloud Infrastructure certificate verification" + initDB: + type: object + properties: + clone: + type: object + required: ["donorUrl", "secretKeyRef"] + properties: + donorUrl: + type: string + description: "URL of the cluster to clone from" + rootUser: + type: string + default: "root" + description: "User name used for cloning" + secretKeyRef: + type: object + required: ["name"] + properties: + name: + type: string + description: "Secret name with key 'rootPassword' storing the password for the user specified in rootUser" + dump: + type: object + required: ["storage"] + properties: + name: + type: string + description: "Name of the dump. Not used by the operator, but a descriptive hint for the cluster administrator" + path: + type: string + description: "Path to the dump in the PVC. Use when specifying persistentVolumeClaim. Omit for ociObjectStorage, S3, or azure." + options: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's loadDump()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "prefix", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "prefix", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "prefix", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in the cloning pod." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + router: + type: object + description: "MySQL Router specification" + properties: + instances: + type: integer + minimum: 0 + default: 1 + description: "Number of MySQL Router instances to deploy" + tlsSecretName: + type: string + description: "Name of a TLS type Secret containing MySQL Router certificate and private key used for SSL" + version: + type: string + pattern: '^\d+\.\d+\.\d+(-.+)?' + description: "Override MySQL Router version" + podSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + bootstrapOptions: + description: "Command line options passed to MySQL Router while bootstrapping" + type: array + items: + type: string + options: + description: "Command line options passed to MySQL Router while running" + type: array + items: + type: string + routingOptions: + description: "Set routing options for the cluster" + type: object + properties: + # naming pattern follows Shell's naming documented at + # https://dev.mysql.com/doc/mysql-shell/8.1/en/innodb-clusterset-router-setroutingoption.html + # ClusterSet-related options and tags currently not supported + invalidated_cluster_policy: + type: string + enum: ["drop_all", "accept_ro"] + stats_updates_frequency: + type: integer + default: 0 + minimum: 0 + read_only_targets: + type: string + enum: ["all", "read_replicas", "secondaries"] + service: + type: object + description: "Configuration of the Service used by applications connecting to the InnoDB Cluster" + properties: + type: + type: string + enum: ["ClusterIP", "NodePort", "LoadBalancer"] + default: ClusterIP + annotations: + type: object + description: "Custom annotations for the Service" + x-kubernetes-preserve-unknown-fields: true + labels: + type: object + description: "Custom labels for the Service" + x-kubernetes-preserve-unknown-fields: true + defaultPort: + type: string + description: "Target for the Service's default (3306) port. If mysql-rw traffic will go to the primary and allow read and write operations, with mysql-ro traffic goes to the replica and allows only read operations, with mysql-rw-split the router's read-write-splitting will be targeted" + enum: ["mysql-rw", "mysql-ro", "mysql-rw-split"] + default: "mysql-rw" + + metrics: + type: object + description: "Configuration of a Prometheus-style metrics provider" + required: ["enable", "image"] + properties: + enable: + type: boolean + default: false + description: "Toggle to enable or disable the metrics sidecar" + image: + type: string + description: "Name of an image to be used for the metrics sidecar, if provided metrics will be enabled" + options: + type: array + description: "Options passed to the metrics provider as command line arguments" + items: + type: string + webConfig: + type: string + description: "Name of a ConfigMap with a web.config file, if this option is provided a command line option --web.config.file is added" + tlsSecret: + type: string + description: "Name of a Secret with TLS certificate, key and CA, which will be mounted at /tls into the container an can be used from webConfig" + monitor: + type: boolean + description: "Create a ServiceMonitor for Prometheus Operator" + default: false + monitorSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + description: "Custom configuration for the ServiceMonitor object" + default: {} + + # These are only supported for development purpose: + #dbUser: + # type: object + # description: "MySQL user accoutn to be used for collecting metrics" + # properties: + # name: + # type: string + # description: "The account name, host part will always be localhost" + # default: mysqlmetrics + # grants: + # type: array + # description: "GRANTs given to the account" + # default: [ 'PROCESS', 'REPLICATION CLIENT', 'SELECT' ] + # items: + # type: string + # maxConnections: + # type: integer + # default: 3 + # description: "Maximum number of connections" + + backupProfiles: + type: array + description: "Backup profile specifications for the cluster, which can be referenced from backup schedules and one-off backup jobs" + items: + type: object + required: ["name"] + properties: + name: + type: string + description: "Embedded backup profile, referenced as backupProfileName elsewhere" + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + dumpInstance: + type: object + properties: + dumpOptions: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI bucket where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + snapshot: + type: object + properties: + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Bucket name where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + backupSchedules: + type: array + description: "Schedules for periodically executed backups" + items: + type: object + required: ["name", "schedule"] + x-kubernetes-preserve-unknown-fields: true + properties: + name: + type: string + description: "Name of the backup schedule" + schedule: + type: string + description: "The schedule of the job, syntax as a cron expression" + backupProfileName: + type: string + description: "Name of the backupProfile to be used" + backupProfile: + type: object + description: "backupProfile specification if backupProfileName is not specified" + x-kubernetes-preserve-unknown-fields: true + properties: + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + dumpInstance: + type: object + properties: + dumpOptions: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI Bucket where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + deleteBackupData: + type: boolean + default: false + description: "Whether to delete the backup data in case the MySQLBackup object created by the job is deleted" + enabled: + type: boolean + default: true + description: "Whether the schedule is enabled or not" + timeZone: + type: string + description: "Timezone for the backup schedule, example: 'America/New_York'" + logs: + type: object + properties: + general: + type: object + properties: + enabled: + type: boolean + default: false + description: "Whether general logging should be enabled" + collect: + type: boolean + default: false + description: "Whether general logging data should be collected. Implies that the logging should be enabled." + error: + type: object + properties: + collect: + type: boolean + default: false + description: "Whether error logging data should be collected. Implies that the logging should be enabled. If enabled the error log will be switched to JSON format output" + verbosity: + type: integer + default: 3 + minimum: 1 + maximum: 3 + description: "Log error verbosity. For details, see the MySQL Server --log-error-verbosity documentation." + slowQuery: + type: object + properties: + enabled: + type: boolean + default: false + description: "Whether slow query logging should be enabled" + longQueryTime: + type: number + minimum: 0 + default: 10 + description: "Long query time threshold" + collect: + type: boolean + default: false + description: "Whether slow query logging data should be collected. Implies that the logging should be enabled." + collector: + type: object + oneOf: + - required: ["image", "fluentd"] + properties: + image: + type: string + description: "Name of an image, including registry and repository, to be used for the log collector sidecar. If provided it needs to be an image for the configured collector type." + containerName: + type: string + default: "logcollector" + description: "Name of the collector container sidecar" + env: + type: array + items: + type: object + description: "Environment variables to be passed to the image. Definition will be directly copied like podSpec fields are" + x-kubernetes-preserve-unknown-fields: true + fluentd: + type: object + description: "Properties of the fluentd log collector" + oneOf: + - required: ["sinks"] + properties: + generalLog: + type: object + properties: + tag: + type: string + default: "" + description: "Tag for the general log records" + options: + type: object + description: "fluentd specific options for the general log" + x-kubernetes-preserve-unknown-fields: true + errorLog: + type: object + properties: + tag: + type: string + default: "" + description: "Tag for the error log records" + options: + type: object + description: "fluentd specific options for the error log" + x-kubernetes-preserve-unknown-fields: true + slowQueryLog: + type: object + properties: + tag: + type: string + default: "" + description: "Tag for the slow log records" + options: + type: object + description: "fluentd specific options for the slow log" + x-kubernetes-preserve-unknown-fields: true + recordAugmentation: + type: object + properties: + enabled: + type: boolean + default: false + description: "Whether to enable record augmentation with additional data" + labels: + type: array + items: + type: object + required: ["fieldName", "labelName"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value from labelName" + labelName: + type: string + description: "Name of the pod label that holds the value to be stored under fieldName in the log record" + annotations: + type: array + items: + type: object + required: ["fieldName", "annotationName"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value from annotationName" + annotationName: + type: string + description: "Name of the pod label that holds the value to be stored under fieldName in the log record" + staticFields: + type: array + items: + type: object + required: ["fieldName", "fieldValue"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value from fieldValue" + fieldValue: + type: string + description: "Value for the static field with name taken from fieldName" + podFields: + type: array + items: + type: object + required: ["fieldName", "fieldPath"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value taken from a field with path stored in fieldPath" + fieldPath: + type: string + description: "Value for the field fieldName. The path should be of the same syntax as the one used for mounting environment variables from field reference - valueFrom.fieldRef.fieldPath . The field will be mounted in the pod as a environment variable, prefixed with a prefix and used then added to the log record. Examples for fieldRef are : spec.nodeName, metadata.namespace, status.podIP, etc." + resourceFields: + type: array + items: + type: object + required: ["fieldName", "containerName", "resource"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value taken from a field with path stored in fieldPath" + containerName: + type: string + resource: + type: string + description: "See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/#use-container-fields-as-values-for-environment-variables" + additionalFilterConfiguration: + type: string + description: "Raw configuration of additional Fluentd filters to be added to the configuration file" + sinks: + type: array + items: + type: object + required: ["name", "rawConfig"] + x-kubernetes-preserve-unknown-fields: true + properties: + name: + type: string + description: "Name of the sink. Used only for documentation purposes" + rawConfig: + type: "string" + description: "Raw configuration of the sink" + + readReplicas: + type: array + items: + type: object + required: ["name", "baseServerId"] + properties: + name: + type: string + version: + type: string + pattern: '^\d+\.\d+\.\d+(-.+)?' + description: "MySQL Server version" + baseServerId: + type: integer + minimum: 0 + maximum: 4294967195 + default: 0 + description: "Base value for MySQL server_id for instances of the readReplica, if 0 it will be assigned automatically" + datadirVolumeClaimTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + description: "Template for a PersistentVolumeClaim, to be used as datadir" + mycnf: + type: string + description: "Custom configuration additions for my.cnf" + instances: + type: integer + minimum: 1 + maximum: 999 + default: 1 + description: "Number of MySQL instances for the set of read replica" + podSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + subresources: + status: {} + additionalPrinterColumns: + - name: Status + type: string + description: Status of the InnoDB Cluster + jsonPath: .status.cluster.status + - name: Online + type: integer + description: Number of ONLINE InnoDB Cluster instances + jsonPath: .status.cluster.onlineInstances + - name: Instances + type: integer + description: Number of InnoDB Cluster instances configured + jsonPath: .spec.instances + - name: Routers + type: integer + description: Number of Router instances configured for the InnoDB Cluster + jsonPath: .spec.router.instances + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + scope: Namespaced + names: + kind: InnoDBCluster + listKind: InnoDBClusterList + singular: innodbcluster + plural: innodbclusters + shortNames: + - ic + - ics +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: mysqlbackups.mysql.oracle.com +spec: + group: mysql.oracle.com + scope: Namespaced + names: + kind: MySQLBackup + listKind: MySQLBackupList + singular: mysqlbackup + plural: mysqlbackups + shortNames: + - mbk + versions: + - name: v2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + required: ["clusterName"] + properties: + clusterName: + type: string + backupProfileName: + type: string + backupProfile: + type: object + description: "backupProfile specification if backupProfileName is not specified" + x-kubernetes-preserve-unknown-fields: true + properties: + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + dumpInstance: + type: object + properties: + dumpOptions: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI bucket where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + addTimestampToBackupDirectory: + type: boolean + default: true + deleteBackupData: + type: boolean + default: false + status: + type: object + properties: + status: + type: string + startTime: + type: string + completionTime: + type: string + elapsedTime: + type: string + output: + type: string + method: + type: string + source: + type: string + bucket: + type: string + ociTenancy: + type: string + container: + type: string + spaceAvailable: + type: string + size: + type: string + message: + type: string + subresources: + status: {} + additionalPrinterColumns: + - name: Cluster + type: string + description: Name of the target cluster + jsonPath: .spec.clusterName + - name: Status + type: string + description: Status of the Backup + jsonPath: .status.status + - name: Output + type: string + description: Name of the produced file/directory + jsonPath: .status.output + - name: Age + type: date + jsonPath: .metadata.creationTimestamp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterkopfpeerings.zalando.org +spec: + scope: Cluster + group: zalando.org + names: + kind: ClusterKopfPeering + plural: clusterkopfpeerings + singular: clusterkopfpeering + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + status: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kopfpeerings.zalando.org +spec: + scope: Namespaced + group: zalando.org + names: + kind: KopfPeering + plural: kopfpeerings + singular: kopfpeering + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + status: + type: object + x-kubernetes-preserve-unknown-fields: true diff --git a/data/mysql_mysql-operator/deploy-operator.yaml b/data/mysql_mysql-operator/deploy-operator.yaml new file mode 100644 index 0000000000..51ac92910e --- /dev/null +++ b/data/mysql_mysql-operator/deploy-operator.yaml @@ -0,0 +1,199 @@ +# The main role for the operator +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mysql-operator +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["get", "patch", "update", "watch"] + # Kopf needs patch on secrets or the sidecar will throw + # The operator needs this verb to be able to pass it to the sidecar + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create", "list", "watch", "patch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create", "update", "list", "watch", "patch", "delete"] + - apiGroups: [""] + resources: ["services"] + verbs: ["get", "create", "list", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "create", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch", "update"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["rolebindings"] + verbs: ["get", "create"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["get", "create"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create"] + - apiGroups: ["batch"] + resources: ["cronjobs"] + verbs: ["get", "create", "update", "delete"] + - apiGroups: ["apps"] + resources: ["deployments", "statefulsets"] + verbs: ["get", "create", "patch", "update", "watch", "delete"] + - apiGroups: ["mysql.oracle.com"] + resources: ["*"] + verbs: ["*"] + - apiGroups: ["zalando.org"] + resources: ["*"] + verbs: ["get", "patch", "list", "watch"] + # Kopf: runtime observation of namespaces & CRDs (addition/deletion). + - apiGroups: [apiextensions.k8s.io] + resources: [customresourcedefinitions] + verbs: [list, watch] + - apiGroups: [""] + resources: [namespaces] + verbs: [list, watch] + - apiGroups: ["monitoring.coreos.com"] + resources: ["servicemonitors"] + verbs: ["get", "create", "patch", "update", "delete"] +--- +# role for the server sidecar +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mysql-sidecar +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: [""] + resources: ["pods/status"] + verbs: ["get", "patch", "update", "watch"] + # Kopf needs patch on secrets or the sidecar will throw + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create", "list", "watch", "patch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create", "list", "watch", "patch"] + - apiGroups: [""] + resources: ["services"] + verbs: ["get", "create", "list", "update"] + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "create"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch", "update"] + - apiGroups: ["apps"] + resources: ["deployments"] + verbs: ["get", "patch"] + - apiGroups: ["mysql.oracle.com"] + resources: ["innodbclusters"] + verbs: ["get", "watch", "list"] + - apiGroups: ["mysql.oracle.com"] + resources: ["mysqlbackups"] + verbs: ["create", "get", "list", "patch", "update", "watch", "delete"] + - apiGroups: ["mysql.oracle.com"] + resources: ["mysqlbackups/status"] + verbs: ["get", "patch", "update", "watch"] +--- +# Give access to the operator +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: mysql-operator-rolebinding +subjects: + - kind: ServiceAccount + name: mysql-operator-sa + namespace: mysql-operator + # TODO The following entry is for dev purposes only + #- kind: Group + # name: system:serviceaccounts + # apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: mysql-operator + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: zalando.org/v1 +kind: ClusterKopfPeering +metadata: + name: mysql-operator +--- +apiVersion: v1 +kind: Namespace +metadata: + name: mysql-operator +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mysql-operator-sa + namespace: mysql-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mysql-operator + namespace: mysql-operator + labels: + version: "1.0" + app.kubernetes.io/name: mysql-operator + app.kubernetes.io/instance: mysql-operator + app.kubernetes.io/version: 8.3.0-2.1.2 + app.kubernetes.io/component: controller + app.kubernetes.io/managed-by: mysql-operator + app.kubernetes.io/created-by: mysql-operator +spec: + replicas: 1 + selector: + matchLabels: + name: mysql-operator + template: + metadata: + labels: + name: mysql-operator + spec: + containers: + - name: mysql-operator + image: container-registry.oracle.com/mysql/community-operator:8.3.0-2.1.2 + imagePullPolicy: IfNotPresent + args: + [ + "mysqlsh", + "--log-level=@INFO", + "--pym", + "mysqloperator", + "operator", + ] + env: + - name: MYSQLSH_USER_CONFIG_HOME + value: /mysqlsh + - name: MYSQLSH_CREDENTIAL_STORE_SAVE_PASSWORDS + value: never + readinessProbe: + exec: + command: + - cat + - /tmp/mysql-operator-ready + initialDelaySeconds: 1 + periodSeconds: 3 + volumeMounts: + - name: mysqlsh-home + mountPath: /mysqlsh + - name: tmpdir + mountPath: /tmp + securityContext: + runAsUser: 2 + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: true + volumes: + - name: mysqlsh-home + emptyDir: {} + - name: tmpdir + emptyDir: {} + serviceAccountName: mysql-operator-sa diff --git a/data/mysql_mysql-operator/mysql-operator-config.json b/data/mysql_mysql-operator/mysql-operator-config.json new file mode 100644 index 0000000000..9408b0460f --- /dev/null +++ b/data/mysql_mysql-operator/mysql-operator-config.json @@ -0,0 +1,36 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/mysql_mysql-operator/deploy-crds.yaml", + "namespace": "default" + } + }, + { + "wait": { + "duration": 10 + } + }, + { + "apply": { + "file": "data/mysql_mysql-operator/deploy-operator.yaml", + "operator": true + } + }, + { + "wait": { + "duration": 10 + } + }, + { + "apply": { + "file": "data/mysql_mysql-operator/secret.yaml", + "operator": true + } + } + ] + }, + "crd_name": "innodbclusters.mysql.oracle.com", + "seed_custom_resource": "data/mysql_mysql-operator/cr.yaml" +} \ No newline at end of file diff --git a/data/mysql_mysql-operator/mysql-operator-cr.yaml b/data/mysql_mysql-operator/mysql-operator-cr.yaml new file mode 100644 index 0000000000..5f51680aea --- /dev/null +++ b/data/mysql_mysql-operator/mysql-operator-cr.yaml @@ -0,0 +1,23 @@ +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. +# +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/ +# +# This sample creates a simple InnoDB Cluster with help from the MySQL Operator. +# This yields: +# 3 MySQL Server Pods; one primary and two secondaries +# 1 MySQL Router Pod +# It uses self-signed TLS certificates. +# It requires a deployed Operator (e.g., deploy/deploy-operator.yaml), +# and requires root user credentials provided by a Kubernetes Secret; +# the Secret is named mypwds in this case (e.g., sample-secret.yaml) +# +apiVersion: mysql.oracle.com/v2 +kind: InnoDBCluster +metadata: + name: test-cluster +spec: + secretName: mypwds + instances: 3 + router: + instances: 1 + tlsUseSelfSigned: true diff --git a/data/mysql_mysql-operator/secret.yaml b/data/mysql_mysql-operator/secret.yaml new file mode 100644 index 0000000000..20c7663784 --- /dev/null +++ b/data/mysql_mysql-operator/secret.yaml @@ -0,0 +1,19 @@ +# Copyright (c) 2020, 2022, Oracle and/or its affiliates. +# +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/ +# +# This sample adds a Secret to reference from an InnoDBCluster manifest. +# It's used to create a privileged MySQL user, a user used by a sysadmin to manage the cluster. +# Although typically named "root", it can be a different name. +# Note: MySQL Operator creates additional (internal) Secrets and MySQL users. +# +# This file requires editing before deployment; other samples here reference the name 'mypwds' +# +apiVersion: v1 +kind: Secret +metadata: + name: mypwds +stringData: + rootUser: root + rootHost: '%' + rootPassword: password From 8812483d04ee761269f7754e84ca13d88491a88e Mon Sep 17 00:00:00 2001 From: lhan0123 <125820059+lhan0123@users.noreply.github.com> Date: Sun, 17 Mar 2024 15:39:27 -0500 Subject: [PATCH 35/38] Add porting config for knative (#354) * port knative configs * update path in config.json --- .../context.json | 2345 +++++++++ .../knative-config.json | 14 + .../knative-cr.yaml | 16 + .../operator.yaml | 4642 +++++++++++++++++ 4 files changed, 7017 insertions(+) create mode 100644 data/knative_knative-operator-serving/context.json create mode 100644 data/knative_knative-operator-serving/knative-config.json create mode 100644 data/knative_knative-operator-serving/knative-cr.yaml create mode 100644 data/knative_knative-operator-serving/operator.yaml diff --git a/data/knative_knative-operator-serving/context.json b/data/knative_knative-operator-serving/context.json new file mode 100644 index 0000000000..38f5401be6 --- /dev/null +++ b/data/knative_knative-operator-serving/context.json @@ -0,0 +1,2345 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "creationTimestamp": "2024-02-20T19:17:52Z", + "generation": 2, + "labels": { + "app.kubernetes.io/name": "knative-operator", + "app.kubernetes.io/version": "1.12.3" + }, + "name": "knativeservings.operator.knative.dev", + "resourceVersion": "731", + "uid": "f07395f8-9c93-4b79-9736-51de85628734" + }, + "spec": { + "conversion": { + "strategy": "Webhook", + "webhook": { + "clientConfig": { + "caBundle": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNYRENDQWdPZ0F3SUJBZ0lSQUxXbzBWTkNZRXVrQkRkeTQ5OVhIcjh3Q2dZSUtvWkl6ajBFQXdJd1BURVUKTUJJR0ExVUVDaE1MYTI1aGRHbDJaUzVrWlhZeEpUQWpCZ05WQkFNVEhHOXdaWEpoZEc5eUxYZGxZbWh2YjJzdQpaR1ZtWVhWc2RDNXpkbU13SGhjTk1qUXdNakl3TVRreE9EQTJXaGNOTWpRd01qSTNNVGt4T0RBMldqQTlNUlF3CkVnWURWUVFLRXd0cmJtRjBhWFpsTG1SbGRqRWxNQ01HQTFVRUF4TWNiM0JsY21GMGIzSXRkMlZpYUc5dmF5NWsKWldaaGRXeDBMbk4yWXpCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQk1JTHl5aUUyQjlzMjRYNAp0elA3bEZjUXppalN3cXc5VzRNQ1NkWGNiUk96Qk93OVZvb0dBYlA5cVRLL0tvQ1o4ZjZzcTQ3NHdsUHg0dnczCkZKNXhIbGlqZ2VNd2dlQXdEZ1lEVlIwUEFRSC9CQVFEQWdLRU1CMEdBMVVkSlFRV01CUUdDQ3NHQVFVRkJ3TUIKQmdnckJnRUZCUWNEQWpBUEJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJRRlEwaFZZYVVvdU10cQppOFhVTDdqMURHUkpJREIvQmdOVkhSRUVlREIyZ2hCdmNHVnlZWFJ2Y2kxM1pXSm9iMjlyZ2hodmNHVnlZWFJ2CmNpMTNaV0pvYjI5ckxtUmxabUYxYkhTQ0hHOXdaWEpoZEc5eUxYZGxZbWh2YjJzdVpHVm1ZWFZzZEM1emRtT0MKS205d1pYSmhkRzl5TFhkbFltaHZiMnN1WkdWbVlYVnNkQzV6ZG1NdVkyeDFjM1JsY2k1c2IyTmhiREFLQmdncQpoa2pPUFFRREFnTkhBREJFQWlCbGVPRExkeE1Ob01RUXBzbXcwVklTNk9MWE5kcC92VTRUQ0NKclVTSUk5UUlnCkNFeWNwMUdwQU9rZUI2Qy9zMmFHWFRBTVlEWmo3d3hDUy9uNEkwODNsN0U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K", + "service": { + "name": "operator-webhook", + "namespace": "default", + "path": "/resource-conversion", + "port": 443 + } + }, + "conversionReviewVersions": [ + "v1beta1" + ] + } + }, + "group": "operator.knative.dev", + "names": { + "kind": "KnativeServing", + "listKind": "KnativeServingList", + "plural": "knativeservings", + "singular": "knativeserving" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "jsonPath": ".status.version", + "name": "Version", + "type": "string" + }, + { + "jsonPath": ".status.conditions[?(@.type==\"Ready\")].status", + "name": "Ready", + "type": "string" + }, + { + "jsonPath": ".status.conditions[?(@.type==\"Ready\")].reason", + "name": "Reason", + "type": "string" + } + ], + "name": "v1beta1", + "schema": { + "openAPIV3Schema": { + "description": "Schema for the knativeservings API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "Spec defines the desired state of KnativeServing", + "properties": { + "additionalManifests": { + "description": "A list of the additional serving manifests, which will be installed by the operator", + "items": { + "properties": { + "URL": { + "description": "The link of the additional manifest URL", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "config": { + "additionalProperties": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "description": "A means to override the corresponding entries in the upstream configmaps", + "type": "object" + }, + "controller-custom-certs": { + "description": "Enabling the controller to trust registries with self-signed certificates", + "properties": { + "name": { + "description": "The name of the ConfigMap or Secret", + "type": "string" + }, + "type": { + "description": "One of ConfigMap or Secret", + "enum": [ + "ConfigMap", + "Secret", + "" + ], + "type": "string" + } + }, + "type": "object" + }, + "deployments": { + "description": "A mapping of deployment name to override", + "items": { + "properties": { + "affinity": { + "description": "If specified, the pod's scheduling constraints.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations overrides labels for the deployment and its template.", + "type": "object" + }, + "env": { + "description": "Env overrides env vars for the containers.", + "items": { + "properties": { + "container": { + "description": "The container name", + "type": "string" + }, + "envVars": { + "description": "The desired EnvVarRequirements", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "container" + ], + "type": "object" + }, + "type": "array" + }, + "hostNetwork": { + "description": "Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels overrides labels for the deployment and its template.", + "type": "object" + }, + "livenessProbes": { + "description": "LivenessProbes overrides liveness probes for the containers.", + "items": { + "description": "ProbesRequirementsOverride enables the user to override any container's env vars.", + "properties": { + "container": { + "description": "The container name", + "type": "string" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "container" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "The name of the deployment", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector overrides nodeSelector for the deployment.", + "type": "object" + }, + "readinessProbes": { + "description": "ReadinessProbes overrides readiness probes for the containers.", + "items": { + "description": "ProbesRequirementsOverride enables the user to override any container's env vars.", + "properties": { + "container": { + "description": "The container name", + "type": "string" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "container" + ], + "type": "object" + }, + "type": "array" + }, + "replicas": { + "description": "The number of replicas that HA parts of the control plane will be scaled to", + "minimum": 0, + "type": "integer" + }, + "resources": { + "description": "If specified, the container's resources.", + "items": { + "description": "The pod this Resource is used to specify the requests and limits for a certain container based on the name.", + "properties": { + "container": { + "description": "The name of the container", + "type": "string" + }, + "limits": { + "properties": { + "cpu": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + }, + "memory": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + } + }, + "type": "object" + }, + "requests": { + "properties": { + "cpu": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + }, + "memory": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "tolerations": { + "description": "If specified, the pod's tolerations.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "description": "If specified, the pod's topology spread constraints.", + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. It's the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It's considered as \"Unsatisfiable\" if and only if placing incoming pod on any topology violates \"MaxSkew\". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + }, + "high-availability": { + "description": "Allows specification of HA control plane", + "properties": { + "replicas": { + "description": "The number of replicas that HA parts of the control plane will be scaled to", + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "ingress": { + "description": "The ingress configuration for Knative Serving", + "properties": { + "contour": { + "description": "Contour settings", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "istio": { + "description": "Istio settings", + "properties": { + "enabled": { + "type": "boolean" + }, + "knative-ingress-gateway": { + "description": "A means to override the knative-ingress-gateway", + "properties": { + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "The selector for the ingress-gateway.", + "type": "object" + }, + "servers": { + "description": "A list of server specifications.", + "items": { + "properties": { + "hosts": { + "description": "One or more hosts exposed by this gateway.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "port": { + "properties": { + "name": { + "description": "Label assigned to the port.", + "format": "string", + "type": "string" + }, + "number": { + "description": "A valid non-negative integer port number.", + "type": "integer" + }, + "protocol": { + "description": "The protocol exposed on the port.", + "format": "string", + "type": "string" + }, + "target_port": { + "description": "A valid non-negative integer target port number.", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "knative-local-gateway": { + "description": "A means to override the knative-local-gateway", + "properties": { + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "The selector for the ingress-gateway.", + "type": "object" + }, + "servers": { + "description": "A list of server specifications.", + "items": { + "properties": { + "hosts": { + "description": "One or more hosts exposed by this gateway.", + "items": { + "format": "string", + "type": "string" + }, + "type": "array" + }, + "port": { + "properties": { + "name": { + "description": "Label assigned to the port.", + "format": "string", + "type": "string" + }, + "number": { + "description": "A valid non-negative integer port number.", + "type": "integer" + }, + "protocol": { + "description": "The protocol exposed on the port.", + "format": "string", + "type": "string" + }, + "target_port": { + "description": "A valid non-negative integer target port number.", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "kourier": { + "description": "Kourier settings", + "properties": { + "bootstrap-configmap": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "http-port": { + "type": "integer" + }, + "https-port": { + "type": "integer" + }, + "service-load-balancer-ip": { + "type": "string" + }, + "service-type": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "manifests": { + "description": "A list of serving manifests, which will be installed by the operator", + "items": { + "properties": { + "URL": { + "description": "The link of the manifest URL", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "podDisruptionBudgets": { + "description": "A mapping of podDisruptionBudget name to override", + "items": { + "properties": { + "minAvailable": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying \"100%\".", + "x-kubernetes-int-or-string": true + }, + "name": { + "description": "The name of the podDisruptionBudget", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "registry": { + "description": "A means to override the corresponding deployment images in the upstream. This affects both apps/v1.Deployment and caching.internal.knative.dev/v1alpha1.Image.", + "properties": { + "default": { + "description": "The default image reference template to use for all knative images. Takes the form of example-registry.io/custom/path/${NAME}:custom-tag", + "type": "string" + }, + "imagePullSecrets": { + "description": "A list of secrets to be used when pulling the knative images. The secret must be created in the same namespace as the knative-serving deployments, and not the namespace of this resource.", + "items": { + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "override": { + "additionalProperties": { + "type": "string" + }, + "description": "A map of a container name or image name to the full image location of the individual knative image.", + "type": "object" + } + }, + "type": "object" + }, + "security": { + "description": "The security configuration for Knative Serving", + "properties": { + "securityGuard": { + "description": "Security Guard settings", + "properties": { + "enabled": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "services": { + "description": "A mapping of service name to override", + "items": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations overrides labels for the service", + "type": "object" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels overrides labels for the service", + "type": "object" + }, + "name": { + "description": "The name of the service", + "type": "string" + }, + "selector": { + "additionalProperties": { + "type": "string" + }, + "description": "Selector overrides selector for the service", + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "version": { + "description": "The version of Knative Serving to be installed", + "type": "string" + }, + "workloads": { + "description": "A mapping of deployment or statefulset name to override", + "items": { + "properties": { + "affinity": { + "description": "If specified, the pod's scheduling constraints.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "namespaces": { + "description": "namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means \"this pod's namespace\"", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "annotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Annotations overrides labels for the deployment and its template.", + "type": "object" + }, + "env": { + "description": "Env overrides env vars for the containers.", + "items": { + "properties": { + "container": { + "description": "The container name", + "type": "string" + }, + "envVars": { + "description": "The desired EnvVarRequirements", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "container" + ], + "type": "object" + }, + "type": "array" + }, + "hostNetwork": { + "description": "Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.", + "type": "boolean" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Labels overrides labels for the deployment and its template.", + "type": "object" + }, + "livenessProbes": { + "description": "LivenessProbes overrides liveness probes for the containers.", + "items": { + "description": "ProbesRequirementsOverride enables the user to override any container's env vars.", + "properties": { + "container": { + "description": "The container name", + "type": "string" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "container" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "The name of the deployment", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector overrides nodeSelector for the deployment.", + "type": "object" + }, + "readinessProbes": { + "description": "ReadinessProbes overrides readiness probes for the containers.", + "items": { + "description": "ProbesRequirementsOverride enables the user to override any container's env vars.", + "properties": { + "container": { + "description": "The container name", + "type": "string" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "container" + ], + "type": "object" + }, + "type": "array" + }, + "replicas": { + "description": "The number of replicas that HA parts of the control plane will be scaled to", + "minimum": 0, + "type": "integer" + }, + "resources": { + "description": "If specified, the container's resources.", + "items": { + "description": "The pod this Resource is used to specify the requests and limits for a certain container based on the name.", + "properties": { + "container": { + "description": "The name of the container", + "type": "string" + }, + "limits": { + "properties": { + "cpu": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + }, + "memory": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + } + }, + "type": "object" + }, + "requests": { + "properties": { + "cpu": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + }, + "memory": { + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "tolerations": { + "description": "If specified, the pod's tolerations.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "description": "If specified, the pod's topology spread constraints.", + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. It's the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It's considered as \"Unsatisfiable\" if and only if placing incoming pod on any topology violates \"MaxSkew\". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + }, + "version": { + "description": "Version the cluster should be on.", + "type": "string" + }, + "volumeMounts": { + "description": "VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "status": { + "description": "Status defines the observed state of KnativeServing", + "properties": { + "conditions": { + "description": "The latest available observations of a resource's current state.", + "items": { + "properties": { + "lastTransitionTime": { + "description": "LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).", + "type": "string" + }, + "message": { + "description": "A human readable message indicating details about the transition.", + "type": "string" + }, + "reason": { + "description": "The reason for the condition's last transition.", + "type": "string" + }, + "severity": { + "description": "Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.", + "type": "string" + }, + "status": { + "description": "Status of the condition, one of True, False, Unknown.", + "type": "string" + }, + "type": { + "description": "Type of condition.", + "type": "string" + } + }, + "required": [ + "type", + "status" + ], + "type": "object" + }, + "type": "array" + }, + "manifests": { + "description": "The list of serving manifests, which have been installed by the operator", + "items": { + "type": "string" + }, + "type": "array" + }, + "observedGeneration": { + "description": "The generation last processed by the controller", + "type": "integer" + }, + "version": { + "description": "The version of the installed release", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "KnativeServing", + "listKind": "KnativeServingList", + "plural": "knativeservings", + "singular": "knativeserving" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-20T19:17:52Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-20T19:17:52Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1beta1" + ] + } + }, + "group": "operator.knative.dev", + "plural": "knativeservings", + "version": "v1beta1" + }, + "learnrun_time": 435.809189081192, + "namespace": "default", + "preload_images": [ + "gcr.io/knative-releases/knative.dev/operator/cmd/webhook:v1.12.3", + "gcr.io/knative-releases/knative.dev/serving/cmd/activator:v1.12.3", + "gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler-hpa:v1.12.3", + "gcr.io/knative-releases/knative.dev/operator/cmd/operator:v1.12.3", + "gcr.io/knative-releases/knative.dev/pkg/apiextensions/storageversion/cmd/migrate:latest", + "gcr.io/knative-releases/knative.dev/serving/cmd/autoscaler:v1.12.3", + "gcr.io/knative-releases/knative.dev/serving/cmd/controller:v1.12.3", + "gcr.io/knative-releases/knative.dev/serving/cmd/webhook:v1.12.3" + ], + "static_analysis_time": 7.152557373046875e-06 +} diff --git a/data/knative_knative-operator-serving/knative-config.json b/data/knative_knative-operator-serving/knative-config.json new file mode 100644 index 0000000000..b9f619216b --- /dev/null +++ b/data/knative_knative-operator-serving/knative-config.json @@ -0,0 +1,14 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "operator.yaml", + "operator": true + } + } + ] + }, + "crd_name": "knativeservings.operator.knative.dev", + "seed_custom_resource": "knative-cr.yaml" +} diff --git a/data/knative_knative-operator-serving/knative-cr.yaml b/data/knative_knative-operator-serving/knative-cr.yaml new file mode 100644 index 0000000000..0775ab7cfb --- /dev/null +++ b/data/knative_knative-operator-serving/knative-cr.yaml @@ -0,0 +1,16 @@ +apiVersion: operator.knative.dev/v1beta1 +kind: KnativeServing +metadata: + name: test-cluster + namespace: default +spec: + workloads: + - name: controller + resources: + - container: controller + requests: + cpu: 300m + memory: 100Mi + limits: + cpu: 1000m + memory: 250Mi diff --git a/data/knative_knative-operator-serving/operator.yaml b/data/knative_knative-operator-serving/operator.yaml new file mode 100644 index 0000000000..dc521a461c --- /dev/null +++ b/data/knative_knative-operator-serving/operator.yaml @@ -0,0 +1,4642 @@ +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: operator-webhook-certs + namespace: default + labels: + app.kubernetes.io/component: operator-webhook + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +# The data is populated at install time. + +--- +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: operator-webhook + namespace: default + labels: + app.kubernetes.io/component: operator-webhook + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +spec: + selector: + matchLabels: + app: operator-webhook + role: operator-webhook + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: + app: operator-webhook + role: operator-webhook + app.kubernetes.io/component: operator-webhook + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator + spec: + # To avoid node becoming SPOF, spread our replicas to different nodes. + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app: operator-webhook + topologyKey: kubernetes.io/hostname + weight: 100 + serviceAccountName: operator-webhook + containers: + - name: operator-webhook + # This is the Go import path for the binary that is containerized + # and substituted here. + image: gcr.io/knative-releases/knative.dev/operator/cmd/webhook@sha256:67284d01099eb86e0403742929acfe9b8dfe3a440a1a85981858dcbe463580c0 + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 500m + memory: 500Mi + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: WEBHOOK_NAME + value: operator-webhook + - name: WEBHOOK_PORT + value: "8443" + - name: WEBHOOK_SECRET_NAME + value: operator-webhook-certs + - name: METRICS_DOMAIN + value: knative.dev/operator + - name: KUBERNETES_MIN_VERSION + value: "" + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + capabilities: + drop: + - all + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 + - name: https-webhook + containerPort: 8443 + readinessProbe: + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + livenessProbe: + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + failureThreshold: 6 + initialDelaySeconds: 120 + # Our webhook should gracefully terminate by lame ducking first, set this to a sufficiently + # high value that we respect whatever value it has configured for the lame duck grace period. + terminationGracePeriodSeconds: 300 + +--- +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + labels: + role: operator-webhook + app.kubernetes.io/component: operator-webhook + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator + name: operator-webhook + namespace: default +spec: + ports: + # Define metrics and profiling for them to be accessible within service meshes. + - name: http-metrics + port: 9090 + targetPort: 9090 + - name: http-profiling + port: 8008 + targetPort: 8008 + - name: https-webhook + port: 443 + targetPort: 8443 + selector: + role: operator-webhook + +--- +# Copyright 2021 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: knativeeventings.operator.knative.dev + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +spec: + group: operator.knative.dev + versions: + - name: v1beta1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: Schema for the knativeeventings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KnativeEventing + properties: + additionalManifests: + description: A list of the additional eventing manifests, which will be installed by the operator + items: + properties: + URL: + description: The link of the additional manifest URL + type: string + type: object + type: array + config: + additionalProperties: + additionalProperties: + type: string + type: object + description: A means to override the corresponding entries in the upstream configmaps + type: object + defaultBrokerClass: + description: The default broker type to use for the brokers Knative creates. If no value is provided, MTChannelBasedBroker will be used. + type: string + high-availability: + description: Allows specification of HA control plane + properties: + replicas: + description: The number of replicas that HA parts of the control plane will be scaled to + minimum: 0 + type: integer + type: object + workloads: + description: A mapping of deployment or statefulset name to override + type: array + items: + type: object + properties: + name: + description: The name of the deployment + type: string + labels: + additionalProperties: + type: string + description: Labels overrides labels for the deployment and its template. + type: object + livenessProbes: + description: LivenessProbes overrides liveness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + annotations: + additionalProperties: + type: string + description: Annotations overrides labels for the deployment and its template. + type: object + env: + description: Env overrides env vars for the containers. + items: + properties: + container: + description: The container name + type: string + envVars: + description: The desired EnvVarRequirements + items: + description: EnvVar represents an environment variable present in a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + required: + - container + type: object + type: array + replicas: + description: The number of replicas that HA parts of the control plane will be scaled to + type: integer + minimum: 0 + nodeSelector: + additionalProperties: + type: string + description: NodeSelector overrides nodeSelector for the deployment. + type: object + readinessProbes: + description: ReadinessProbes overrides readiness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + hostNetwork: + description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically. + type: boolean + topologySpreadConstraints: + description: If specified, the pod's topology spread constraints. + items: + description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which pods may be unevenly distributed. It''s the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It''s a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It''s considered as "Unsatisfiable" if and only if placing incoming pod on any topology violates "MaxSkew". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + version: + description: Version the cluster should be on. + type: string + volumeMounts: + description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within a container. + properties: + mountPath: + description: Path within the container at which the volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + resources: + description: If specified, the container's resources. + items: + description: The pod this Resource is used to specify the requests and limits for a certain container based on the name. + properties: + container: + description: The name of the container + type: string + limits: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + requests: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + type: object + type: array + deployments: + description: A mapping of deployment name to override + type: array + items: + type: object + properties: + name: + description: The name of the deployment + type: string + labels: + additionalProperties: + type: string + description: Labels overrides labels for the deployment and its template. + type: object + annotations: + additionalProperties: + type: string + description: Annotations overrides labels for the deployment and its template. + type: object + env: + description: Env overrides env vars for the containers. + items: + properties: + container: + description: The container name + type: string + envVars: + description: The desired EnvVarRequirements + items: + description: EnvVar represents an environment variable present in a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + required: + - container + type: object + type: array + livenessProbes: + description: LivenessProbes overrides liveness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + replicas: + description: The number of replicas that HA parts of the control plane will be scaled to + type: integer + minimum: 0 + nodeSelector: + additionalProperties: + type: string + description: NodeSelector overrides nodeSelector for the deployment. + type: object + readinessProbes: + description: ReadinessProbes overrides readiness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + hostNetwork: + description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically. + type: boolean + topologySpreadConstraints: + description: If specified, the pod's topology spread constraints. + items: + description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which pods may be unevenly distributed. It''s the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It''s a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It''s considered as "Unsatisfiable" if and only if placing incoming pod on any topology violates "MaxSkew". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + resources: + description: If specified, the container's resources. + items: + description: The pod this Resource is used to specify the requests and limits for a certain container based on the name. + properties: + container: + description: The name of the container + type: string + limits: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + requests: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + type: object + type: array + services: + description: A mapping of service name to override + type: array + items: + type: object + properties: + name: + description: The name of the service + type: string + labels: + additionalProperties: + type: string + description: Labels overrides labels for the service + type: object + annotations: + additionalProperties: + type: string + description: Annotations overrides labels for the service + type: object + selector: + additionalProperties: + type: string + description: Selector overrides selector for the service + type: object + podDisruptionBudgets: + description: A mapping of podDisruptionBudget name to override + type: array + items: + type: object + properties: + name: + description: The name of the podDisruptionBudget + type: string + minAvailable: + anyOf: + - type: integer + - type: string + description: An eviction is allowed if at least "minAvailable" pods selected by "selector" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying "100%". + x-kubernetes-int-or-string: true + source: + description: The source configuration for Knative Eventing + properties: + ceph: + description: Ceph settings + properties: + enabled: + type: boolean + type: object + github: + description: GitHub settings + properties: + enabled: + type: boolean + type: object + gitlab: + description: GitLab settings + properties: + enabled: + type: boolean + type: object + kafka: + description: Apache Kafka settings + properties: + enabled: + type: boolean + type: object + rabbitmq: + description: RabbitMQ settings + properties: + enabled: + type: boolean + type: object + redis: + description: Redis settings + properties: + enabled: + type: boolean + type: object + type: object + manifests: + description: A list of eventing manifests, which will be installed by the operator + items: + properties: + URL: + description: The link of the manifest URL + type: string + type: object + type: array + registry: + description: A means to override the corresponding deployment images in the upstream. This affects both apps/v1.Deployment and caching.internal.knative.dev/v1alpha1.Image. + properties: + default: + description: The default image reference template to use for all knative images. Takes the form of example-registry.io/custom/path/${NAME}:custom-tag + type: string + imagePullSecrets: + description: A list of secrets to be used when pulling the knative images. The secret must be created in the same namespace as the knative-eventing deployments, and not the namespace of this resource. + items: + properties: + name: + description: The name of the secret. + type: string + type: object + type: array + override: + additionalProperties: + type: string + description: A map of a container name or image name to the full image location of the individual knative image. + type: object + type: object + sinkBindingSelectionMode: + description: Specifies the selection mode for the sinkbinding webhook. If the value is `inclusion`, only namespaces/objects labelled as `bindings.knative.dev/include:true` will be considered. If `exclusion` is selected, only `bindings.knative.dev/exclude:true` label is checked and these will NOT be considered. The default is `exclusion`. + type: string + version: + description: The version of Knative Eventing to be installed + type: string + type: object + status: + properties: + conditions: + description: The latest available observations of a resource's current state. + items: + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + severity: + description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - type + - status + type: object + type: array + manifests: + description: The list of eventing manifests, which have been installed by the operator + items: + type: string + type: array + observedGeneration: + description: The generation last processed by the controller + type: integer + version: + description: The version of the installed release + type: string + type: object + type: object + additionalPrinterColumns: + - jsonPath: .status.version + name: Version + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].reason + name: Reason + type: string + names: + kind: KnativeEventing + listKind: KnativeEventingList + plural: knativeeventings + singular: knativeeventing + scope: Namespaced + conversion: + strategy: Webhook + webhook: + conversionReviewVersions: ["v1beta1"] + clientConfig: + service: + name: operator-webhook + namespace: default + path: /resource-conversion + +--- +# Copyright 2021 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: knativeservings.operator.knative.dev + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +spec: + group: operator.knative.dev + versions: + - name: v1beta1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: Schema for the knativeservings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KnativeServing + properties: + additionalManifests: + description: A list of the additional serving manifests, which will be installed by the operator + items: + properties: + URL: + description: The link of the additional manifest URL + type: string + type: object + type: array + config: + additionalProperties: + additionalProperties: + type: string + type: object + description: A means to override the corresponding entries in the upstream configmaps + type: object + controller-custom-certs: + description: Enabling the controller to trust registries with self-signed certificates + properties: + name: + description: The name of the ConfigMap or Secret + type: string + type: + description: One of ConfigMap or Secret + enum: + - ConfigMap + - Secret + - "" + type: string + type: object + high-availability: + description: Allows specification of HA control plane + properties: + replicas: + description: The number of replicas that HA parts of the control plane will be scaled to + minimum: 0 + type: integer + type: object + workloads: + description: A mapping of deployment or statefulset name to override + type: array + items: + type: object + properties: + name: + description: The name of the deployment + type: string + labels: + additionalProperties: + type: string + description: Labels overrides labels for the deployment and its template. + type: object + livenessProbes: + description: LivenessProbes overrides liveness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + annotations: + additionalProperties: + type: string + description: Annotations overrides labels for the deployment and its template. + type: object + env: + description: Env overrides env vars for the containers. + items: + properties: + container: + description: The container name + type: string + envVars: + description: The desired EnvVarRequirements + items: + description: EnvVar represents an environment variable present in a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + required: + - container + type: object + type: array + replicas: + description: The number of replicas that HA parts of the control plane will be scaled to + type: integer + minimum: 0 + nodeSelector: + additionalProperties: + type: string + description: NodeSelector overrides nodeSelector for the deployment. + type: object + readinessProbes: + description: ReadinessProbes overrides readiness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + hostNetwork: + description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically. + type: boolean + topologySpreadConstraints: + description: If specified, the pod's topology spread constraints. + items: + description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which pods may be unevenly distributed. It''s the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It''s a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It''s considered as "Unsatisfiable" if and only if placing incoming pod on any topology violates "MaxSkew". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + version: + description: Version the cluster should be on. + type: string + volumeMounts: + description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within a container. + properties: + mountPath: + description: Path within the container at which the volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + resources: + description: If specified, the container's resources. + items: + description: The pod this Resource is used to specify the requests and limits for a certain container based on the name. + properties: + container: + description: The name of the container + type: string + limits: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + requests: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + type: object + type: array + deployments: + description: A mapping of deployment name to override + type: array + items: + type: object + properties: + name: + description: The name of the deployment + type: string + labels: + additionalProperties: + type: string + description: Labels overrides labels for the deployment and its template. + type: object + annotations: + additionalProperties: + type: string + description: Annotations overrides labels for the deployment and its template. + type: object + env: + description: Env overrides env vars for the containers. + items: + properties: + container: + description: The container name + type: string + envVars: + description: The desired EnvVarRequirements + items: + description: EnvVar represents an environment variable present in a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + required: + - container + type: object + type: array + livenessProbes: + description: LivenessProbes overrides liveness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + replicas: + description: The number of replicas that HA parts of the control plane will be scaled to + type: integer + minimum: 0 + nodeSelector: + additionalProperties: + type: string + description: NodeSelector overrides nodeSelector for the deployment. + type: object + readinessProbes: + description: ReadinessProbes overrides readiness probes for the containers. + items: + description: ProbesRequirementsOverride enables the user to override any container's env vars. + properties: + container: + description: The container name + type: string + failureThreshold: + description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. + format: int32 + type: integer + initialDelaySeconds: + description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + required: + - container + type: object + type: array + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + hostNetwork: + description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically. + type: boolean + topologySpreadConstraints: + description: If specified, the pod's topology spread constraints. + items: + description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + maxSkew: + description: 'MaxSkew describes the degree to which pods may be unevenly distributed. It''s the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It''s a required field. Default value is 1 and 0 is not allowed.' + format: int32 + type: integer + topologyKey: + description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It''s considered as "Unsatisfiable" if and only if placing incoming pod on any topology violates "MaxSkew". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + resources: + description: If specified, the container's resources. + items: + description: The pod this Resource is used to specify the requests and limits for a certain container based on the name. + properties: + container: + description: The name of the container + type: string + limits: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + requests: + properties: + cpu: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + memory: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + type: object + type: object + type: array + services: + description: A mapping of service name to override + type: array + items: + type: object + properties: + name: + description: The name of the service + type: string + labels: + additionalProperties: + type: string + description: Labels overrides labels for the service + type: object + annotations: + additionalProperties: + type: string + description: Annotations overrides labels for the service + type: object + selector: + additionalProperties: + type: string + description: Selector overrides selector for the service + type: object + podDisruptionBudgets: + description: A mapping of podDisruptionBudget name to override + type: array + items: + type: object + properties: + name: + description: The name of the podDisruptionBudget + type: string + minAvailable: + anyOf: + - type: integer + - type: string + description: An eviction is allowed if at least "minAvailable" pods selected by "selector" will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying "100%". + x-kubernetes-int-or-string: true + ingress: + description: The ingress configuration for Knative Serving + properties: + contour: + description: Contour settings + properties: + enabled: + type: boolean + type: object + istio: + description: Istio settings + properties: + enabled: + type: boolean + knative-ingress-gateway: + description: A means to override the knative-ingress-gateway + properties: + selector: + additionalProperties: + type: string + description: The selector for the ingress-gateway. + type: object + servers: + description: A list of server specifications. + items: + properties: + hosts: + description: One or more hosts exposed by this gateway. + items: + format: string + type: string + type: array + port: + properties: + name: + description: Label assigned to the port. + format: string + type: string + number: + description: A valid non-negative integer port number. + type: integer + target_port: + description: A valid non-negative integer target port number. + type: integer + protocol: + description: The protocol exposed on the port. + format: string + type: string + type: object + type: object + type: array + type: object + knative-local-gateway: + description: A means to override the knative-local-gateway + properties: + selector: + additionalProperties: + type: string + description: The selector for the ingress-gateway. + type: object + servers: + description: A list of server specifications. + items: + properties: + hosts: + description: One or more hosts exposed by this gateway. + items: + format: string + type: string + type: array + port: + properties: + name: + description: Label assigned to the port. + format: string + type: string + number: + description: A valid non-negative integer port number. + type: integer + target_port: + description: A valid non-negative integer target port number. + type: integer + protocol: + description: The protocol exposed on the port. + format: string + type: string + type: object + type: object + type: array + type: object + type: object + kourier: + description: Kourier settings + properties: + enabled: + type: boolean + service-type: + type: string + service-load-balancer-ip: + type: string + bootstrap-configmap: + type: string + http-port: + type: integer + https-port: + type: integer + type: object + type: object + security: + description: The security configuration for Knative Serving + properties: + securityGuard: + description: Security Guard settings + properties: + enabled: + type: boolean + type: object + type: object + manifests: + description: A list of serving manifests, which will be installed by the operator + items: + properties: + URL: + description: The link of the manifest URL + type: string + type: object + type: array + registry: + description: A means to override the corresponding deployment images in the upstream. This affects both apps/v1.Deployment and caching.internal.knative.dev/v1alpha1.Image. + properties: + default: + description: The default image reference template to use for all knative images. Takes the form of example-registry.io/custom/path/${NAME}:custom-tag + type: string + imagePullSecrets: + description: A list of secrets to be used when pulling the knative images. The secret must be created in the same namespace as the knative-serving deployments, and not the namespace of this resource. + items: + properties: + name: + description: The name of the secret. + type: string + type: object + type: array + override: + additionalProperties: + type: string + description: A map of a container name or image name to the full image location of the individual knative image. + type: object + type: object + version: + description: The version of Knative Serving to be installed + type: string + type: object + status: + description: Status defines the observed state of KnativeServing + properties: + conditions: + description: The latest available observations of a resource's current state. + items: + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + severity: + description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - type + - status + type: object + type: array + manifests: + description: The list of serving manifests, which have been installed by the operator + items: + type: string + type: array + observedGeneration: + description: The generation last processed by the controller + type: integer + version: + description: The version of the installed release + type: string + type: object + type: object + additionalPrinterColumns: + - jsonPath: .status.version + name: Version + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].reason + name: Reason + type: string + names: + kind: KnativeServing + listKind: KnativeServingList + plural: knativeservings + singular: knativeserving + scope: Namespaced + conversion: + strategy: Webhook + webhook: + conversionReviewVersions: ["v1beta1"] + clientConfig: + service: + name: operator-webhook + namespace: default + path: /resource-conversion + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-serving-operator-aggregated + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +aggregationRule: + clusterRoleSelectors: + # This (along with escalate below) allows the Operator to pick up any + # roles that are provided to the admin of the cluster by knative serving + # automatically. + - matchExpressions: + - {key: serving.knative.dev/release, operator: Exists} +rules: [] # Rules are automatically filled in by the controller manager. +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-serving-operator-aggregated-stable + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +aggregationRule: + clusterRoleSelectors: + # This (along with escalate below) allows the Operator to pick up any + # roles that are provided to the admin of the cluster by knative serving + # automatically. + - matchExpressions: + - {key: app.kubernetes.io/name, operator: In, values: ["knative-serving"]} +rules: [] # Rules are automatically filled in by the controller manager. +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-operator-aggregated + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +aggregationRule: + clusterRoleSelectors: + # This (along with escalate below) allows the Operator to pick up any + # roles that are provided to the admin of the cluster by knative eventing + # automatically. + - matchExpressions: + - {key: eventing.knative.dev/release, operator: Exists} +rules: [] # Rules are automatically filled in by the controller manager. +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-operator-aggregated-stable + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +aggregationRule: + clusterRoleSelectors: + # This (along with escalate below) allows the Operator to pick up any + # roles that are provided to the admin of the cluster by knative eventing + # automatically. + - matchExpressions: + - {key: app.kubernetes.io/name, operator: In, values: ["knative-eventing"]} +rules: [] # Rules are automatically filled in by the controller manager. + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-serving-operator + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +rules: + - apiGroups: + - operator.knative.dev + resources: + - '*' + verbs: + - '*' + # Bootstrapping permissions. + # Roles that are explicitly bound buch which are specified by this Operator + # MUST be specified here with 'get' and 'bind'. + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + resourceNames: + - system:auth-delegator + verbs: + - bind + - get + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + resourceNames: + - extension-apiserver-authentication-reader + verbs: + - bind + - get + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - roles + verbs: + - create + - delete + # Escalate is necessary in order to create a role using cluster role aggregation, + # and to allow the Operator to bootstrap itself into the necessary set of + # permissions, even as those continue to evolve upstream. + - escalate + - get + - list + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - create + - delete + - list + - get + - update + # Permissions required for Knative controller + # infra. + - apiGroups: + - apiregistration.k8s.io + resources: + - apiservices + verbs: + - update + - apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - caching.internal.knative.dev + resources: + - images + verbs: + - '*' + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - update + - watch + - apiGroups: + - '' + resources: + - events + verbs: + - create + - update + - patch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - security.istio.io + - apps + - policy + resources: + - poddisruptionbudgets + - peerauthentications + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - watch + - update + - apiGroups: + - apiregistration.k8s.io + resources: + - apiservices + verbs: + - create + - delete + - get + - list + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - create + - delete + - get + - list + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + # Old resources that need cleaning up that are not in the knative-serving + # namespace. + - apiGroups: + - "" + resources: + - services + - deployments + - horizontalpodautoscalers + resourceNames: + - knative-ingressgateway + verbs: + - delete + - apiGroups: + - "" + resources: + - configmaps + resourceNames: + - config-controller + verbs: + - delete + - apiGroups: + - "" + resources: + - serviceaccounts + resourceNames: + - knative-serving-operator + verbs: + - delete + # for contour TLS + - apiGroups: + - projectcontour.io + resources: + - httpproxies + - tlscertificatedelegations + verbs: + - get + - list + - watch + - update + - create + - delete + - deletecollection + - patch + # for security-guard + - apiGroups: + - guard.security.knative.dev + resources: + - guardians + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - "" + resources: + - pods + verbs: + - get +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-eventing-operator + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +rules: + - apiGroups: + - operator.knative.dev + resources: + - '*' + verbs: + - '*' + # Bootstrapping permissions. + # Roles that are explicitly bound buch which are specified by this Operator + # MUST be specified here with 'get' and 'bind'. + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - roles + verbs: + - create + - delete + # Escalate is necessary in order to create a role using cluster role aggregation, + # and to allow the Operator to bootstrap itself into the necessary set of + # permissions, even as those continue to evolve upstream. + - escalate + - get + - list + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - create + - delete + - list + - get + - update + # Permissions required for Knative controller + # infra. + - apiGroups: + - apiregistration.k8s.io + resources: + - apiservices + verbs: + - update + - apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - caching.internal.knative.dev + resources: + - images + verbs: + - '*' + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - update + - watch + - apiGroups: + - '' + resources: + - events + verbs: + - create + - update + - patch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - apiregistration.k8s.io + resources: + - apiservices + verbs: + - create + - delete + - get + - list + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - create + - delete + - update + - get + - list + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - update + - get + - list + - watch + # Old resources that need cleaning up that are not in the knative-eventing + # namespace. + - apiGroups: + - "" + resources: + - serviceaccounts + resourceNames: + - knative-eventing-operator + verbs: + - delete + # for RabbitMQ messaging topology objects + - apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters + verbs: + - "get" + - "list" + - "watch" + - apiGroups: + - rabbitmq.com + resources: + - bindings + - queues + - exchanges + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - rabbitmq.com + resources: + - bindings/status + - queues/status + - exchanges/status + verbs: + - get + # for Kafka eventing source + - apiGroups: + - keda.sh + resources: + - scaledobjects + - scaledobjects/finalizers + - scaledobjects/status + - triggerauthentications + - triggerauthentications/status + verbs: + - get + - list + - watch + - update + - create + - delete + # Internal APIs + - apiGroups: + - "internal.kafka.eventing.knative.dev" + resources: + - "consumers" + - "consumers/status" + - "consumergroups" + - "consumergroups/status" + verbs: + - create + - get + - list + - watch + - patch + - update + - delete + - apiGroups: + - "internal.kafka.eventing.knative.dev" + resources: + - "consumers/finalizers" + - "consumergroups/finalizers" + verbs: + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets/scale + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + verbs: + - watch + - apiGroups: + - "*" + resources: + - configmaps + verbs: + - delete + - apiGroups: + - "*" + resources: + - configmaps + - services + verbs: + - get + - list + - watch + - update + - create + - delete + - apiGroups: + - "*" + resources: + - pods + verbs: + - list + - update + - get + - watch + - apiGroups: + - "*" + resources: + - pods/finalizers + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - "*" + resources: + - events + verbs: + - patch + - create + - apiGroups: + - "*" + resources: + - secrets + verbs: + - get + - list + - watch + - update + - create + - delete + - apiGroups: + - "*" + resources: + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - "*" + resources: + - serviceaccounts + verbs: + - get + - list + - watch + - update + - create + - delete + - apiGroups: + - "*" + resources: + - configmaps + resourceNames: + - kafka-channel-config + verbs: + - patch + - apiGroups: + - "*" + resources: + - horizontalpodautoscalers + resourceNames: + - kafka-webhook + verbs: + - delete + - apiGroups: + - "*" + resources: + - leases + verbs: + - delete + - apiGroups: + - "*" + resources: + - poddisruptionbudgets + resourceNames: + - kafka-webhook + verbs: + - delete + - apiGroups: + - "*" + resources: + - services + verbs: + - patch + - apiGroups: + - "apps" + resources: + - deployments + verbs: + - deletecollection + # Eventing TLS + - apiGroups: + - "cert-manager.io" + resources: + - certificates + - issuers + verbs: + - create + - delete + - update + - list + - get + - watch + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: knative-operator + namespace: default + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# TODO: Consider restriction of non-aggregated role to knativeservings namespaces. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-serving-operator + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-serving-operator +subjects: + - kind: ServiceAccount + name: knative-operator + namespace: default +--- +# TODO: Consider restriction of non-aggregated role to knativeeventing namespaces. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-operator + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-eventing-operator +subjects: + - kind: ServiceAccount + name: knative-operator + namespace: default + +--- +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: default + name: knative-operator-webhook + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +rules: + # For manipulating certs into secrets. + - apiGroups: + - "" + resources: + - "secrets" + verbs: + - "get" + - "create" + - "update" + - "list" + - "watch" + - "patch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-operator-webhook + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +rules: + # For watching logging configuration and getting certs. + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" + # For manipulating certs into secrets. + - apiGroups: + - "" + resources: + - "namespaces" + verbs: + - "get" + - "create" + - "update" + - "list" + - "watch" + - "patch" + # finalizers are needed for the owner reference of the webhook + - apiGroups: + - "" + resources: + - "namespaces/finalizers" + verbs: + - "update" + # For getting our Deployment so we can decorate with ownerref. + - apiGroups: + - "apps" + resources: + - "deployments" + verbs: + - "get" + - apiGroups: + - "apps" + resources: + - "deployments/finalizers" + verbs: + - update + # For actually registering our webhook. + - apiGroups: + - "admissionregistration.k8s.io" + resources: + - "mutatingwebhookconfigurations" + - "validatingwebhookconfigurations" + verbs: &everything + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + # For leader election + - apiGroups: + - "coordination.k8s.io" + resources: + - "leases" + verbs: *everything + # Necessary for conversion webhook. These are copied from the serving + # TODO: Do we really need all these permissions? + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: operator-webhook + namespace: default + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator + +--- +# Copyright 2022 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + namespace: default + name: operator-webhook + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +subjects: + - kind: ServiceAccount + name: operator-webhook + namespace: default +roleRef: + kind: Role + name: knative-operator-webhook + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: operator-webhook + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-operator-webhook +subjects: + - kind: ServiceAccount + name: operator-webhook + namespace: default + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-serving-operator-aggregated + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-serving-operator-aggregated +subjects: + - kind: ServiceAccount + name: knative-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-serving-operator-aggregated-stable + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-serving-operator-aggregated-stable +subjects: + - kind: ServiceAccount + name: knative-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-operator-aggregated + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-eventing-operator-aggregated +subjects: + - kind: ServiceAccount + name: knative-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-operator-aggregated-stable + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-eventing-operator-aggregated-stable +subjects: + - kind: ServiceAccount + name: knative-operator + namespace: default + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-logging + namespace: default + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # Common configuration for all Knative codebase + zap-logger-config: | + { + "level": "info", + "development": false, + "outputPaths": ["stdout"], + "errorOutputPaths": ["stderr"], + "encoding": "json", + "encoderConfig": { + "timeKey": "ts", + "levelKey": "level", + "nameKey": "logger", + "callerKey": "caller", + "messageKey": "msg", + "stacktraceKey": "stacktrace", + "lineEnding": "", + "levelEncoder": "", + "timeEncoder": "iso8601", + "durationEncoder": "", + "callerEncoder": "" + } + } + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-observability + namespace: default + labels: + app.kubernetes.io/version: "1.12.3" + app.kubernetes.io/name: knative-operator +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # logging.enable-var-log-collection defaults to false. + # The fluentd daemon set will be set up to collect /var/log if + # this flag is true. + logging.enable-var-log-collection: false + + # logging.revision-url-template provides a template to use for producing the + # logging URL that is injected into the status of each Revision. + # This value is what you might use the the Knative monitoring bundle, and provides + # access to Kibana after setting up kubectl proxy. + logging.revision-url-template: | + http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.serving-knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase)))) + + # metrics.backend-destination field specifies the system metrics destination. + # It supports either prometheus (the default) or stackdriver. + # Note: Using stackdriver will incur additional charges + metrics.backend-destination: prometheus + + # metrics.request-metrics-backend-destination specifies the request metrics + # destination. If non-empty, it enables queue proxy to send request metrics. + # Currently supported values: prometheus, stackdriver. + metrics.request-metrics-backend-destination: prometheus + + # metrics.stackdriver-project-id field specifies the stackdriver project ID. This + # field is optional. When running on GCE, application default credentials will be + # used if this field is not provided. + metrics.stackdriver-project-id: "" + + # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to + # Stackdriver using "global" resource type and custom metric type if the + # metrics are not supported by "knative_revision" resource type. Setting this + # flag to "true" could cause extra Stackdriver charge. + # If metrics.backend-destination is not Stackdriver, this is ignored. + metrics.allow-stackdriver-custom-metrics: "false" + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: knative-operator + namespace: default + labels: + app.kubernetes.io/name: knative-operator + app.kubernetes.io/version: "1.12.3" +spec: + replicas: 1 + selector: + matchLabels: + name: knative-operator + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: + name: knative-operator + app.kubernetes.io/name: knative-operator + app.kubernetes.io/version: "1.12.3" + spec: + serviceAccountName: knative-operator + containers: + - name: knative-operator + image: gcr.io/knative-releases/knative.dev/operator/cmd/operator@sha256:dc94c4bbf8756d7c13d0068fa4286422771526969cbefbc7da0c3eac3d0a7819 + imagePullPolicy: IfNotPresent + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: METRICS_DOMAIN + value: knative.dev/operator + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: KUBERNETES_MIN_VERSION + value: "" + ports: + - name: metrics + containerPort: 9090 + +--- From c05451ff6d684586d355da4f5488164cdb6d78fb Mon Sep 17 00:00:00 2001 From: Wendi Fu <36181202+Kennn98@users.noreply.github.com> Date: Sun, 17 Mar 2024 13:41:02 -0700 Subject: [PATCH 36/38] Upload the porting configuration for cass-operator (#360) --- data/k8ssandra_cass-operator/context.json | 9280 ++++++++++++ .../k8ssandra_cert-manager.yaml | 5591 ++++++++ .../k8ssandra_cass-operator/k8ssandra_cr.yaml | 11856 ++++++++++++++++ .../k8ssandra_seed_cr.yaml | 28 + .../k8sssandra_config.json | 31 + 5 files changed, 26786 insertions(+) create mode 100644 data/k8ssandra_cass-operator/context.json create mode 100644 data/k8ssandra_cass-operator/k8ssandra_cert-manager.yaml create mode 100644 data/k8ssandra_cass-operator/k8ssandra_cr.yaml create mode 100644 data/k8ssandra_cass-operator/k8ssandra_seed_cr.yaml create mode 100644 data/k8ssandra_cass-operator/k8sssandra_config.json diff --git a/data/k8ssandra_cass-operator/context.json b/data/k8ssandra_cass-operator/context.json new file mode 100644 index 0000000000..5b8a09a429 --- /dev/null +++ b/data/k8ssandra_cass-operator/context.json @@ -0,0 +1,9280 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "annotations": { + "controller-gen.kubebuilder.io/version": "v0.12.0" + }, + "creationTimestamp": "2024-03-11T06:38:31Z", + "generation": 1, + "name": "cassandradatacenters.cassandra.datastax.com", + "resourceVersion": "807", + "uid": "f6aa09d1-d070-4328-a6fc-f7851a9f885b" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "cassandra.datastax.com", + "names": { + "kind": "CassandraDatacenter", + "listKind": "CassandraDatacenterList", + "plural": "cassandradatacenters", + "shortNames": [ + "cassdc", + "cassdcs" + ], + "singular": "cassandradatacenter" + }, + "scope": "Namespaced", + "versions": [ + { + "name": "v1beta1", + "schema": { + "openAPIV3Schema": { + "description": "CassandraDatacenter is the Schema for the cassandradatacenters API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "CassandraDatacenterSpec defines the desired state of a CassandraDatacenter", + "properties": { + "additionalAnnotations": { + "additionalProperties": { + "type": "string" + }, + "description": "Additional Annotations allows to define additional labels that will be included in all objects created by the operator. Note, user can override values set by default from the cass-operator and doing so could break cass-operator functionality.", + "type": "object" + }, + "additionalLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "Additional Labels allows to define additional labels that will be included in all objects created by the operator. Note, user can override values set by default from the cass-operator and doing so could break cass-operator functionality.", + "type": "object" + }, + "additionalSeeds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "additionalServiceConfig": { + "description": "AdditionalServiceConfig allows to define additional parameters that are included in the created Services. Note, user can override values set by cass-operator and doing so could break cass-operator functionality. Avoid label \"cass-operator\" and anything that starts with \"cassandra.datastax.com/\"", + "properties": { + "additionalSeedService": { + "description": "ServiceConfigAdditions exposes additional options for each service", + "properties": { + "additionalAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "additionalLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "allpodsService": { + "description": "ServiceConfigAdditions exposes additional options for each service", + "properties": { + "additionalAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "additionalLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "dcService": { + "description": "ServiceConfigAdditions exposes additional options for each service", + "properties": { + "additionalAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "additionalLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "nodePortService": { + "description": "ServiceConfigAdditions exposes additional options for each service", + "properties": { + "additionalAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "additionalLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + }, + "seedService": { + "description": "ServiceConfigAdditions exposes additional options for each service", + "properties": { + "additionalAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "additionalLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "allowMultipleNodesPerWorker": { + "description": "Turning this option on allows multiple server pods to be created on a k8s worker node, by removing the default pod anti affinity rules. By default the operator creates just one server pod per k8s worker node. Using custom affinity rules might require turning this option on in which case the defaults are not set.", + "type": "boolean" + }, + "canaryUpgrade": { + "description": "Indicates that configuration and container image changes should only be pushed to the first rack of the datacenter", + "type": "boolean" + }, + "canaryUpgradeCount": { + "description": "The number of nodes that will be updated when CanaryUpgrade is true. Note that the value is either 0 or greater than the rack size, then all nodes in the rack will get updated.", + "format": "int32", + "type": "integer" + }, + "cdc": { + "description": "CDC allows configuration of the change data capture agent which can run within the Management API container. Use it to send data to Pulsar.", + "properties": { + "cdcConcurrentProcessors": { + "type": "integer" + }, + "cdcPollIntervalM": { + "type": "integer" + }, + "cdcWorkingDir": { + "type": "string" + }, + "errorCommitLogReprocessEnabled": { + "type": "boolean" + }, + "pulsarAuthParams": { + "type": "string" + }, + "pulsarAuthPluginClassName": { + "type": "string" + }, + "pulsarBatchDelayInMs": { + "type": "integer" + }, + "pulsarKeyBasedBatcher": { + "type": "boolean" + }, + "pulsarMaxPendingMessages": { + "type": "integer" + }, + "pulsarMaxPendingMessagesAcrossPartitions": { + "type": "integer" + }, + "pulsarServiceUrl": { + "minLength": 1, + "type": "string" + }, + "sslAllowInsecureConnection": { + "type": "string" + }, + "sslCipherSuites": { + "type": "string" + }, + "sslEnabledProtocols": { + "type": "string" + }, + "sslHostnameVerificationEnable": { + "type": "string" + }, + "sslKeystorePassword": { + "type": "string" + }, + "sslKeystorePath": { + "type": "string" + }, + "sslProvider": { + "type": "string" + }, + "sslTruststorePassword": { + "type": "string" + }, + "sslTruststorePath": { + "type": "string" + }, + "sslTruststoreType": { + "type": "string" + }, + "topicPrefix": { + "type": "string" + } + }, + "required": [ + "pulsarServiceUrl" + ], + "type": "object" + }, + "clusterName": { + "description": "The name by which CQL clients and instances will know the cluster. If the same cluster name is shared by multiple Datacenters in the same Kubernetes namespace, they will join together in a multi-datacenter cluster.", + "minLength": 2, + "type": "string" + }, + "configBuilderImage": { + "description": "Container image for the config builder init container. Overrides value from ImageConfig ConfigBuilderImage", + "type": "string" + }, + "configBuilderResources": { + "description": "Kubernetes resource requests and limits per server config initialization container.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "configSecret": { + "description": "ConfigSecret is the name of a secret that contains configuration for Cassandra. The secret is expected to have a property named config whose value should be a JSON formatted string that should look like this: \n config: |- { \"cassandra-yaml\": { \"read_request_timeout_in_ms\": 10000 }, \"jmv-options\": { \"max_heap_size\": 1024M } } \n ConfigSecret is mutually exclusive with Config. ConfigSecret takes precedence and will be used exclusively if both properties are set. The operator sets a watch such that an update to the secret will trigger an update of the StatefulSets.", + "type": "string" + }, + "datacenterName": { + "description": "DatacenterName allows to override the name of the Cassandra datacenter. Kubernetes objects will be named after a sanitized version of it if set, and if not metadata.name. In Cassandra the DC name will be overridden by this value. It may generate some confusion as objects created for the DC will have a different name than the CasandraDatacenter object itself. This setting can create conflicts if multiple DCs coexist in the same namespace if metadata.name for a DC with no override is set to the same value as the override name of another DC. Use cautiously.", + "type": "string" + }, + "disableSystemLoggerSidecar": { + "description": "Configuration for disabling the simple log tailing sidecar container. Our default is to have it enabled.", + "type": "boolean" + }, + "dockerImageRunsAsCassandra": { + "description": "DEPRECATED This setting does nothing and defaults to true. Use SecurityContext instead.", + "type": "boolean" + }, + "dseWorkloads": { + "properties": { + "analyticsEnabled": { + "type": "boolean" + }, + "graphEnabled": { + "type": "boolean" + }, + "searchEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "forceUpgradeRacks": { + "description": "Rack names in this list are set to the latest StatefulSet configuration even if Cassandra nodes are down. Use this to recover from an upgrade that couldn't roll out.", + "items": { + "type": "string" + }, + "type": "array" + }, + "managementApiAuth": { + "description": "Config for the Management API certificates", + "properties": { + "insecure": { + "type": "object" + }, + "manual": { + "properties": { + "clientSecretName": { + "type": "string" + }, + "serverSecretName": { + "type": "string" + }, + "skipSecretValidation": { + "type": "boolean" + } + }, + "required": [ + "clientSecretName", + "serverSecretName" + ], + "type": "object" + } + }, + "type": "object" + }, + "networking": { + "properties": { + "hostNetwork": { + "type": "boolean" + }, + "nodePort": { + "properties": { + "internode": { + "type": "integer" + }, + "internodeSSL": { + "type": "integer" + }, + "native": { + "type": "integer" + }, + "nativeSSL": { + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "nodeAffinityLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeAffinityLabels to pin the Datacenter, using node affinity", + "type": "object" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "A map of label keys and values to restrict Cassandra node scheduling to k8s workers with matchiing labels. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector", + "type": "object" + }, + "podTemplateSpec": { + "description": "PodTemplate provides customisation options (labels, annotations, affinity rules, resource requests, and so on) for the cassandra pods", + "properties": { + "metadata": { + "description": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status", + "properties": { + "activeDeadlineSeconds": { + "description": "Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.", + "format": "int64", + "type": "integer" + }, + "affinity": { + "description": "If specified, the pod's scheduling constraints", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "automountServiceAccountToken": { + "description": "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.", + "type": "boolean" + }, + "containers": { + "description": "List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.", + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "dnsConfig": { + "description": "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.", + "properties": { + "nameservers": { + "description": "A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.", + "items": { + "type": "string" + }, + "type": "array" + }, + "options": { + "description": "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", + "items": { + "description": "PodDNSConfigOption defines DNS resolver options of a pod.", + "properties": { + "name": { + "description": "Required.", + "type": "string" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "searches": { + "description": "A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "dnsPolicy": { + "description": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.", + "type": "string" + }, + "enableServiceLinks": { + "description": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", + "type": "boolean" + }, + "ephemeralContainers": { + "description": "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource.", + "items": { + "description": "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Lifecycle is not allowed for ephemeral containers.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers.", + "type": "string" + }, + "ports": { + "description": "Ports are not allowed for ephemeral containers.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "containerPort", + "protocol" + ], + "x-kubernetes-list-type": "map" + }, + "readinessProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "Probes are not allowed for ephemeral containers.", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "targetContainerName": { + "description": "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.", + "type": "string" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "hostAliases": { + "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", + "items": { + "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", + "properties": { + "hostnames": { + "description": "Hostnames for the above IP address.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ip": { + "description": "IP address of the host file entry.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "hostIPC": { + "description": "Use the host's ipc namespace. Optional: Default to false.", + "type": "boolean" + }, + "hostNetwork": { + "description": "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.", + "type": "boolean" + }, + "hostPID": { + "description": "Use the host's pid namespace. Optional: Default to false.", + "type": "boolean" + }, + "hostUsers": { + "description": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.", + "type": "boolean" + }, + "hostname": { + "description": "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.", + "type": "string" + }, + "imagePullSecrets": { + "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", + "items": { + "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "initContainers": { + "description": "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", + "items": { + "description": "A single application container that you want to run within a pod.", + "properties": { + "args": { + "description": "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "command": { + "description": "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell", + "items": { + "type": "string" + }, + "type": "array" + }, + "env": { + "description": "List of environment variables to set in the container. Cannot be updated.", + "items": { + "description": "EnvVar represents an environment variable present in a Container.", + "properties": { + "name": { + "description": "Name of the environment variable. Must be a C_IDENTIFIER.", + "type": "string" + }, + "value": { + "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", + "type": "string" + }, + "valueFrom": { + "description": "Source for the environment variable's value. Cannot be used if value is not empty.", + "properties": { + "configMapKeyRef": { + "description": "Selects a key of a ConfigMap.", + "properties": { + "key": { + "description": "The key to select.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "fieldRef": { + "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "secretKeyRef": { + "description": "Selects a key of a secret in the pod's namespace", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "key" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "envFrom": { + "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", + "items": { + "description": "EnvFromSource represents the source of a set of ConfigMaps", + "properties": { + "configMapRef": { + "description": "The ConfigMap to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the ConfigMap must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "prefix": { + "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", + "type": "string" + }, + "secretRef": { + "description": "The Secret to select from", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "type": "array" + }, + "image": { + "description": "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + }, + "imagePullPolicy": { + "description": "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images", + "type": "string" + }, + "lifecycle": { + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "properties": { + "postStart": { + "description": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + }, + "preStop": { + "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "tcpSocket": { + "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "livenessProbe": { + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "name": { + "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", + "type": "string" + }, + "ports": { + "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", + "items": { + "description": "ContainerPort represents a network port in a single container.", + "properties": { + "containerPort": { + "description": "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.", + "format": "int32", + "type": "integer" + }, + "hostIP": { + "description": "What host IP to bind the external port to.", + "type": "string" + }, + "hostPort": { + "description": "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.", + "format": "int32", + "type": "integer" + }, + "name": { + "description": "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.", + "type": "string" + }, + "protocol": { + "default": "TCP", + "description": "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\".", + "type": "string" + } + }, + "required": [ + "containerPort" + ], + "type": "object" + }, + "type": "array" + }, + "readinessProbe": { + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "resources": { + "description": "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "securityContext": { + "description": "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/", + "properties": { + "allowPrivilegeEscalation": { + "description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "capabilities": { + "description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "add": { + "description": "Added capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + }, + "drop": { + "description": "Removed capabilities", + "items": { + "description": "Capability represent POSIX capabilities type", + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "privileged": { + "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "procMount": { + "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "readOnlyRootFilesystem": { + "description": "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.", + "type": "boolean" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "startupProbe": { + "description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "properties": { + "exec": { + "description": "Exec specifies the action to take.", + "properties": { + "command": { + "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "failureThreshold": { + "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "grpc": { + "description": "GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.", + "properties": { + "port": { + "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", + "format": "int32", + "type": "integer" + }, + "service": { + "description": "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "httpGet": { + "description": "HTTPGet specifies the http request to perform.", + "properties": { + "host": { + "description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.", + "type": "string" + }, + "httpHeaders": { + "description": "Custom headers to set in the request. HTTP allows repeated headers.", + "items": { + "description": "HTTPHeader describes a custom header to be used in HTTP probes", + "properties": { + "name": { + "description": "The header field name", + "type": "string" + }, + "value": { + "description": "The header field value", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "path": { + "description": "Path to access on the HTTP server.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + }, + "scheme": { + "description": "Scheme to use for connecting to the host. Defaults to HTTP.", + "type": "string" + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "initialDelaySeconds": { + "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + }, + "periodSeconds": { + "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "successThreshold": { + "description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.", + "format": "int32", + "type": "integer" + }, + "tcpSocket": { + "description": "TCPSocket specifies an action involving a TCP port.", + "properties": { + "host": { + "description": "Optional: Host name to connect to, defaults to the pod IP.", + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "port" + ], + "type": "object" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", + "format": "int64", + "type": "integer" + }, + "timeoutSeconds": { + "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "stdin": { + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "type": "boolean" + }, + "stdinOnce": { + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "type": "boolean" + }, + "terminationMessagePath": { + "description": "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.", + "type": "string" + }, + "terminationMessagePolicy": { + "description": "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.", + "type": "string" + }, + "tty": { + "description": "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false.", + "type": "boolean" + }, + "volumeDevices": { + "description": "volumeDevices is the list of block devices to be used by the container.", + "items": { + "description": "volumeDevice describes a mapping of a raw block device within a container.", + "properties": { + "devicePath": { + "description": "devicePath is the path inside of the container that the device will be mapped to.", + "type": "string" + }, + "name": { + "description": "name must match the name of a persistentVolumeClaim in the pod", + "type": "string" + } + }, + "required": [ + "devicePath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "volumeMounts": { + "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", + "items": { + "description": "VolumeMount describes a mounting of a Volume within a container.", + "properties": { + "mountPath": { + "description": "Path within the container at which the volume should be mounted. Must not contain ':'.", + "type": "string" + }, + "mountPropagation": { + "description": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.", + "type": "string" + }, + "name": { + "description": "This must match the Name of a Volume.", + "type": "string" + }, + "readOnly": { + "description": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", + "type": "boolean" + }, + "subPath": { + "description": "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).", + "type": "string" + }, + "subPathExpr": { + "description": "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive.", + "type": "string" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "workingDir": { + "description": "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "nodeName": { + "description": "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.", + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/", + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "os": { + "description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. \n If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions \n If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup", + "properties": { + "name": { + "description": "Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "overhead": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md", + "type": "object" + }, + "preemptionPolicy": { + "description": "PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.", + "type": "string" + }, + "priority": { + "description": "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.", + "format": "int32", + "type": "integer" + }, + "priorityClassName": { + "description": "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.", + "type": "string" + }, + "readinessGates": { + "description": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", + "items": { + "description": "PodReadinessGate contains the reference to a pod condition", + "properties": { + "conditionType": { + "description": "ConditionType refers to a condition in the pod's condition list with matching type.", + "type": "string" + } + }, + "required": [ + "conditionType" + ], + "type": "object" + }, + "type": "array" + }, + "resourceClaims": { + "description": "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable.", + "items": { + "description": "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", + "properties": { + "name": { + "description": "Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL.", + "type": "string" + }, + "source": { + "description": "Source describes where to find the ResourceClaim.", + "properties": { + "resourceClaimName": { + "description": "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.", + "type": "string" + }, + "resourceClaimTemplateName": { + "description": "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "restartPolicy": { + "description": "Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy", + "type": "string" + }, + "runtimeClassName": { + "description": "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class", + "type": "string" + }, + "schedulerName": { + "description": "If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.", + "type": "string" + }, + "schedulingGates": { + "description": "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate.", + "items": { + "description": "PodSchedulingGate is associated to a Pod to guard its scheduling.", + "properties": { + "name": { + "description": "Name of the scheduling gate. Each scheduling gate must have a unique name field.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "securityContext": { + "description": "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.", + "properties": { + "fsGroup": { + "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "fsGroupChangePolicy": { + "description": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, + "runAsGroup": { + "description": "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "runAsNonRoot": { + "description": "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "boolean" + }, + "runAsUser": { + "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "format": "int64", + "type": "integer" + }, + "seLinuxOptions": { + "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "level": { + "description": "Level is SELinux level label that applies to the container.", + "type": "string" + }, + "role": { + "description": "Role is a SELinux role label that applies to the container.", + "type": "string" + }, + "type": { + "description": "Type is a SELinux type label that applies to the container.", + "type": "string" + }, + "user": { + "description": "User is a SELinux user label that applies to the container.", + "type": "string" + } + }, + "type": "object" + }, + "seccompProfile": { + "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.", + "properties": { + "localhostProfile": { + "description": "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\".", + "type": "string" + }, + "type": { + "description": "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.", + "type": "string" + } + }, + "required": [ + "type" + ], + "type": "object" + }, + "supplementalGroups": { + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "sysctls": { + "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", + "items": { + "description": "Sysctl defines a kernel parameter to be set", + "properties": { + "name": { + "description": "Name of a property to set", + "type": "string" + }, + "value": { + "description": "Value of a property to set", + "type": "string" + } + }, + "required": [ + "name", + "value" + ], + "type": "object" + }, + "type": "array" + }, + "windowsOptions": { + "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.", + "properties": { + "gmsaCredentialSpec": { + "description": "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.", + "type": "string" + }, + "gmsaCredentialSpecName": { + "description": "GMSACredentialSpecName is the name of the GMSA credential spec to use.", + "type": "string" + }, + "hostProcess": { + "description": "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.", + "type": "boolean" + }, + "runAsUserName": { + "description": "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "serviceAccount": { + "description": "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", + "type": "string" + }, + "serviceAccountName": { + "description": "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/", + "type": "string" + }, + "setHostnameAsFQDN": { + "description": "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.", + "type": "boolean" + }, + "shareProcessNamespace": { + "description": "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false.", + "type": "boolean" + }, + "subdomain": { + "description": "If specified, the fully qualified Pod hostname will be \"...svc.\". If not specified, the pod will not have a domainname at all.", + "type": "string" + }, + "terminationGracePeriodSeconds": { + "description": "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.", + "format": "int64", + "type": "integer" + }, + "tolerations": { + "description": "If specified, the pod's tolerations.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "topologySpreadConstraints": { + "description": "TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.", + "items": { + "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", + "properties": { + "labelSelector": { + "description": "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "maxSkew": { + "description": "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.", + "format": "int32", + "type": "integer" + }, + "minDomains": { + "description": "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).", + "format": "int32", + "type": "integer" + }, + "nodeAffinityPolicy": { + "description": "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "nodeTaintsPolicy": { + "description": "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.", + "type": "string" + }, + "topologyKey": { + "description": "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field.", + "type": "string" + }, + "whenUnsatisfiable": { + "description": "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.", + "type": "string" + } + }, + "required": [ + "maxSkew", + "topologyKey", + "whenUnsatisfiable" + ], + "type": "object" + }, + "type": "array" + }, + "volumes": { + "description": "List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes", + "items": { + "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "name": { + "description": "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "containers" + ], + "type": "object" + } + }, + "type": "object" + }, + "racks": { + "description": "A list of the named racks in the datacenter, representing independent failure domains. The number of racks should match the replication factor in the keyspaces you plan to create, and the number of racks cannot easily be changed once a datacenter is deployed.", + "items": { + "description": "Rack ...", + "properties": { + "affinity": { + "description": "Affinity rules to set for this rack only. Merged with values from PodTemplateSpec Affinity as well as NodeAffinityLabels. If you wish to override all the default PodAntiAffinity rules, set allowMultipleWorkers to true, otherwise defaults are applied and then these Affinity settings are merged.", + "properties": { + "nodeAffinity": { + "description": "Describes node affinity scheduling rules for the pod.", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", + "properties": { + "preference": { + "description": "A node selector term, associated with the corresponding weight.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.", + "properties": { + "nodeSelectorTerms": { + "description": "Required. A list of node selector terms. The terms are ORed.", + "items": { + "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", + "properties": { + "matchExpressions": { + "description": "A list of node selector requirements by node's labels.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "description": "A list of node selector requirements by node's fields.", + "items": { + "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "The label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", + "type": "string" + }, + "values": { + "description": "An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", + "items": { + "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", + "properties": { + "podAffinityTerm": { + "description": "Required. A pod affinity term, associated with the corresponding weight.", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", + "items": { + "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", + "properties": { + "labelSelector": { + "description": "A label query over a set of resources, in this case pods.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaceSelector": { + "description": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", + "items": { + "type": "string" + }, + "type": "array" + }, + "topologyKey": { + "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.", + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "name": { + "description": "The rack name", + "minLength": 2, + "type": "string" + }, + "nodeAffinityLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "NodeAffinityLabels to pin the rack, using node affinity", + "type": "object" + }, + "zone": { + "description": "Deprecated. Use nodeAffinityLabels instead. DeprecatedZone name to pin the rack, using node affinity", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array" + }, + "replaceNodes": { + "description": "Deprecated Use CassandraTask replacenode to achieve correct node replacement. A list of pod names that need to be replaced.", + "items": { + "type": "string" + }, + "type": "array" + }, + "resources": { + "description": "Kubernetes resource requests and limits, per pod", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "rollingRestartRequested": { + "description": "Deprecated. Use CassandraTask for rolling restarts. Whether to do a rolling restart at the next opportunity. The operator will set this back to false once the restart is in progress.", + "type": "boolean" + }, + "serverImage": { + "description": "Cassandra server image name. Use of ImageConfig to match ServerVersion is recommended instead of this value. This value will override anything set in the ImageConfig matching the ServerVersion More info: https://kubernetes.io/docs/concepts/containers/images", + "type": "string" + }, + "serverType": { + "description": "Server type: \"cassandra\" or \"dse\"", + "enum": [ + "cassandra", + "dse" + ], + "type": "string" + }, + "serverVersion": { + "description": "Version string for config builder, used to generate Cassandra server configuration", + "pattern": "(6\\.8\\.\\d+)|(3\\.11\\.\\d+)|(4\\.\\d+\\.\\d+)|(5\\.\\d+\\.\\d+)|(7\\.\\d+\\.\\d+)", + "type": "string" + }, + "serviceAccount": { + "description": "Deprecated DeprecatedServiceAccount Use ServiceAccountName instead, which takes precedence. The k8s service account to use for the server pods", + "type": "string" + }, + "serviceAccountName": { + "description": "ServiceAccountName is the Kubernetes service account to use for the server pods. This takes presedence over DeprecatedServiceAccount and both take precedence over setting it in the PodTemplateSpec.", + "type": "string" + }, + "size": { + "description": "Desired number of Cassandra server nodes", + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "stopped": { + "description": "A stopped CassandraDatacenter will have no running server pods, like using \"stop\" with traditional System V init scripts. Other Kubernetes resources will be left intact, and volumes will re-attach when the CassandraDatacenter workload is resumed.", + "type": "boolean" + }, + "storageConfig": { + "description": "StorageConfig describes the persistent storage request of each server node", + "properties": { + "additionalVolumes": { + "items": { + "description": "AdditionalVolumes defines additional storage configurations", + "properties": { + "mountPath": { + "description": "Mount path into cassandra container", + "type": "string" + }, + "name": { + "description": "Name of the pvc / volume", + "pattern": "[a-z0-9]([-a-z0-9]*[a-z0-9])?", + "type": "string" + }, + "pvcSpec": { + "description": "PVCSpec is a persistent volume claim spec. Either this or VolumeSource is required.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + }, + "volumeSource": { + "description": "VolumeSource to mount the volume from (such as ConfigMap / Secret). This or PVCSpec is required.", + "properties": { + "awsElasticBlockStore": { + "description": "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "azureDisk": { + "description": "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.", + "properties": { + "cachingMode": { + "description": "cachingMode is the Host Caching mode: None, Read Only, Read Write.", + "type": "string" + }, + "diskName": { + "description": "diskName is the Name of the data disk in the blob storage", + "type": "string" + }, + "diskURI": { + "description": "diskURI is the URI of data disk in the blob storage", + "type": "string" + }, + "fsType": { + "description": "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "kind": { + "description": "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + } + }, + "required": [ + "diskName", + "diskURI" + ], + "type": "object" + }, + "azureFile": { + "description": "azureFile represents an Azure File Service mount on the host and bind mount to the pod.", + "properties": { + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of secret that contains Azure Storage Account Name and Key", + "type": "string" + }, + "shareName": { + "description": "shareName is the azure share Name", + "type": "string" + } + }, + "required": [ + "secretName", + "shareName" + ], + "type": "object" + }, + "cephfs": { + "description": "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime", + "properties": { + "monitors": { + "description": "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "path": { + "description": "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /", + "type": "string" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "boolean" + }, + "secretFile": { + "description": "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + }, + "secretRef": { + "description": "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "monitors" + ], + "type": "object" + }, + "cinder": { + "description": "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeID": { + "description": "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "configMap": { + "description": "configMap represents a configMap that should populate this volume", + "properties": { + "defaultMode": { + "description": "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "csi": { + "description": "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).", + "properties": { + "driver": { + "description": "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.", + "type": "string" + }, + "fsType": { + "description": "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.", + "type": "string" + }, + "nodePublishSecretRef": { + "description": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "readOnly": { + "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", + "type": "boolean" + }, + "volumeAttributes": { + "additionalProperties": { + "type": "string" + }, + "description": "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values.", + "type": "object" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "downwardAPI": { + "description": "downwardAPI represents downward API about the pod that should populate this volume", + "properties": { + "defaultMode": { + "description": "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "Items is a list of downward API volume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "emptyDir": { + "description": "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "properties": { + "medium": { + "description": "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir", + "type": "string" + }, + "sizeLimit": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + } + }, + "type": "object" + }, + "ephemeral": { + "description": "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time.", + "properties": { + "volumeClaimTemplate": { + "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil.", + "properties": { + "metadata": { + "description": "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.", + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "finalizers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "description": "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "type": "object" + }, + "fc": { + "description": "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "lun": { + "description": "lun is Optional: FC target lun number", + "format": "int32", + "type": "integer" + }, + "readOnly": { + "description": "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "targetWWNs": { + "description": "targetWWNs is Optional: FC target worldwide names (WWNs)", + "items": { + "type": "string" + }, + "type": "array" + }, + "wwids": { + "description": "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "flexVolume": { + "description": "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.", + "properties": { + "driver": { + "description": "driver is the name of the driver to use for this volume.", + "type": "string" + }, + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.", + "type": "string" + }, + "options": { + "additionalProperties": { + "type": "string" + }, + "description": "options is Optional: this field holds extra command options if any.", + "type": "object" + }, + "readOnly": { + "description": "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "driver" + ], + "type": "object" + }, + "flocker": { + "description": "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running", + "properties": { + "datasetName": { + "description": "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated", + "type": "string" + }, + "datasetUUID": { + "description": "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset", + "type": "string" + } + }, + "type": "object" + }, + "gcePersistentDisk": { + "description": "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "properties": { + "fsType": { + "description": "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "partition": { + "description": "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "format": "int32", + "type": "integer" + }, + "pdName": { + "description": "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk", + "type": "boolean" + } + }, + "required": [ + "pdName" + ], + "type": "object" + }, + "gitRepo": { + "description": "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.", + "properties": { + "directory": { + "description": "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.", + "type": "string" + }, + "repository": { + "description": "repository is the URL", + "type": "string" + }, + "revision": { + "description": "revision is the commit hash for the specified revision.", + "type": "string" + } + }, + "required": [ + "repository" + ], + "type": "object" + }, + "glusterfs": { + "description": "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md", + "properties": { + "endpoints": { + "description": "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "path": { + "description": "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod", + "type": "boolean" + } + }, + "required": [ + "endpoints", + "path" + ], + "type": "object" + }, + "hostPath": { + "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.", + "properties": { + "path": { + "description": "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + }, + "type": { + "description": "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "iscsi": { + "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", + "properties": { + "chapAuthDiscovery": { + "description": "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication", + "type": "boolean" + }, + "chapAuthSession": { + "description": "chapAuthSession defines whether support iSCSI Session CHAP authentication", + "type": "boolean" + }, + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "initiatorName": { + "description": "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.", + "type": "string" + }, + "iqn": { + "description": "iqn is the target iSCSI Qualified Name.", + "type": "string" + }, + "iscsiInterface": { + "description": "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).", + "type": "string" + }, + "lun": { + "description": "lun represents iSCSI Target Lun number.", + "format": "int32", + "type": "integer" + }, + "portals": { + "description": "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "items": { + "type": "string" + }, + "type": "array" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is the CHAP Secret for iSCSI target and initiator authentication", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "targetPortal": { + "description": "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", + "type": "string" + } + }, + "required": [ + "iqn", + "lun", + "targetPortal" + ], + "type": "object" + }, + "nfs": { + "description": "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "properties": { + "path": { + "description": "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "boolean" + }, + "server": { + "description": "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs", + "type": "string" + } + }, + "required": [ + "path", + "server" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "properties": { + "claimName": { + "description": "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims", + "type": "string" + }, + "readOnly": { + "description": "readOnly Will force the ReadOnly setting in VolumeMounts. Default false.", + "type": "boolean" + } + }, + "required": [ + "claimName" + ], + "type": "object" + }, + "photonPersistentDisk": { + "description": "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "pdID": { + "description": "pdID is the ID that identifies Photon Controller persistent disk", + "type": "string" + } + }, + "required": [ + "pdID" + ], + "type": "object" + }, + "portworxVolume": { + "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "volumeID": { + "description": "volumeID uniquely identifies a Portworx volume", + "type": "string" + } + }, + "required": [ + "volumeID" + ], + "type": "object" + }, + "projected": { + "description": "projected items for all in one resources secrets, configmaps, and downward API", + "properties": { + "defaultMode": { + "description": "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "sources": { + "description": "sources is the list of volume projections", + "items": { + "description": "Projection that may be projected along with other supported volume types", + "properties": { + "configMap": { + "description": "configMap information about the configMap data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional specify whether the ConfigMap or its keys must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "downwardAPI": { + "description": "downwardAPI information about the downwardAPI data to project", + "properties": { + "items": { + "description": "Items is a list of DownwardAPIVolume file", + "items": { + "description": "DownwardAPIVolumeFile represents information to create the file containing the pod field", + "properties": { + "fieldRef": { + "description": "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.", + "properties": { + "apiVersion": { + "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", + "type": "string" + }, + "fieldPath": { + "description": "Path of the field to select in the specified API version.", + "type": "string" + } + }, + "required": [ + "fieldPath" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "mode": { + "description": "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'", + "type": "string" + }, + "resourceFieldRef": { + "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.", + "properties": { + "containerName": { + "description": "Container name: required for volumes, optional for env vars", + "type": "string" + }, + "divisor": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Specifies the output format of the exposed resources, defaults to \"1\"", + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "resource": { + "description": "Required: resource to select", + "type": "string" + } + }, + "required": [ + "resource" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "required": [ + "path" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "secret": { + "description": "secret information about the secret data to project", + "properties": { + "items": { + "description": "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + }, + "optional": { + "description": "optional field specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "serviceAccountToken": { + "description": "serviceAccountToken is information about the serviceAccountToken data to project", + "properties": { + "audience": { + "description": "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.", + "type": "string" + }, + "expirationSeconds": { + "description": "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.", + "format": "int64", + "type": "integer" + }, + "path": { + "description": "path is the path relative to the mount point of the file to project the token into.", + "type": "string" + } + }, + "required": [ + "path" + ], + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "quobyte": { + "description": "quobyte represents a Quobyte mount on the host that shares a pod's lifetime", + "properties": { + "group": { + "description": "group to map volume access to Default is no group", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false.", + "type": "boolean" + }, + "registry": { + "description": "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes", + "type": "string" + }, + "tenant": { + "description": "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin", + "type": "string" + }, + "user": { + "description": "user to map volume access to Defaults to serivceaccount user", + "type": "string" + }, + "volume": { + "description": "volume is a string that references an already created Quobyte volume by name.", + "type": "string" + } + }, + "required": [ + "registry", + "volume" + ], + "type": "object" + }, + "rbd": { + "description": "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md", + "properties": { + "fsType": { + "description": "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine", + "type": "string" + }, + "image": { + "description": "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "keyring": { + "description": "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "monitors": { + "description": "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "items": { + "type": "string" + }, + "type": "array" + }, + "pool": { + "description": "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + }, + "readOnly": { + "description": "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "user": { + "description": "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it", + "type": "string" + } + }, + "required": [ + "image", + "monitors" + ], + "type": "object" + }, + "scaleIO": { + "description": "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\".", + "type": "string" + }, + "gateway": { + "description": "gateway is the host address of the ScaleIO API Gateway.", + "type": "string" + }, + "protectionDomain": { + "description": "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.", + "type": "string" + }, + "readOnly": { + "description": "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "sslEnabled": { + "description": "sslEnabled Flag enable/disable SSL communication with Gateway, default false", + "type": "boolean" + }, + "storageMode": { + "description": "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned.", + "type": "string" + }, + "storagePool": { + "description": "storagePool is the ScaleIO Storage Pool associated with the protection domain.", + "type": "string" + }, + "system": { + "description": "system is the name of the storage system as configured in ScaleIO.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source.", + "type": "string" + } + }, + "required": [ + "gateway", + "secretRef", + "system" + ], + "type": "object" + }, + "secret": { + "description": "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "properties": { + "defaultMode": { + "description": "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "items": { + "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", + "items": { + "description": "Maps a string key to a path within a volume.", + "properties": { + "key": { + "description": "key is the key to project.", + "type": "string" + }, + "mode": { + "description": "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.", + "format": "int32", + "type": "integer" + }, + "path": { + "description": "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.", + "type": "string" + } + }, + "required": [ + "key", + "path" + ], + "type": "object" + }, + "type": "array" + }, + "optional": { + "description": "optional field specify whether the Secret or its keys must be defined", + "type": "boolean" + }, + "secretName": { + "description": "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret", + "type": "string" + } + }, + "type": "object" + }, + "storageos": { + "description": "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.", + "properties": { + "fsType": { + "description": "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "readOnly": { + "description": "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.", + "type": "boolean" + }, + "secretRef": { + "description": "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.", + "properties": { + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "volumeName": { + "description": "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.", + "type": "string" + }, + "volumeNamespace": { + "description": "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created.", + "type": "string" + } + }, + "type": "object" + }, + "vsphereVolume": { + "description": "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine", + "properties": { + "fsType": { + "description": "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.", + "type": "string" + }, + "storagePolicyID": { + "description": "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.", + "type": "string" + }, + "storagePolicyName": { + "description": "storagePolicyName is the storage Policy Based Management (SPBM) profile name.", + "type": "string" + }, + "volumePath": { + "description": "volumePath is the path that identifies vSphere volume vmdk", + "type": "string" + } + }, + "required": [ + "volumePath" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "required": [ + "mountPath", + "name" + ], + "type": "object" + }, + "type": "array" + }, + "cassandraDataVolumeClaimSpec": { + "description": "PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes", + "properties": { + "accessModes": { + "description": "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1", + "items": { + "type": "string" + }, + "type": "array" + }, + "dataSource": { + "description": "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "dataSourceRef": { + "description": "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "properties": { + "apiGroup": { + "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", + "type": "string" + }, + "kind": { + "description": "Kind is the type of resource being referenced", + "type": "string" + }, + "name": { + "description": "Name is the name of resource being referenced", + "type": "string" + }, + "namespace": { + "description": "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.", + "type": "string" + } + }, + "required": [ + "kind", + "name" + ], + "type": "object" + }, + "resources": { + "description": "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "selector": { + "description": "selector is a label query over volumes to consider for binding.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "storageClassName": { + "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", + "type": "string" + }, + "volumeMode": { + "description": "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.", + "type": "string" + }, + "volumeName": { + "description": "volumeName is the binding reference to the PersistentVolume backing this claim.", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "superuserSecretName": { + "description": "This secret defines the username and password for the Cassandra server superuser. If it is omitted, we will generate a secret instead.", + "type": "string" + }, + "systemLoggerImage": { + "description": "Container image for the log tailing sidecar container. Overrides value from ImageConfig SystemLoggerImage", + "type": "string" + }, + "systemLoggerResources": { + "description": "Kubernetes resource requests and limits per system logger container.", + "properties": { + "claims": { + "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", + "items": { + "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", + "properties": { + "name": { + "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "type": "object" + } + }, + "type": "object" + }, + "tolerations": { + "description": "Tolerations applied to the Cassandra pod. Note that these cannot be overridden with PodTemplateSpec.", + "items": { + "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", + "properties": { + "effect": { + "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", + "type": "string" + }, + "key": { + "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", + "type": "string" + }, + "operator": { + "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", + "type": "string" + }, + "tolerationSeconds": { + "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", + "format": "int64", + "type": "integer" + }, + "value": { + "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "users": { + "description": "Cassandra users to bootstrap", + "items": { + "properties": { + "secretName": { + "type": "string" + }, + "superuser": { + "type": "boolean" + } + }, + "required": [ + "secretName", + "superuser" + ], + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "clusterName", + "serverType", + "serverVersion", + "size", + "storageConfig" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "status": { + "description": "CassandraDatacenterStatus defines the observed state of CassandraDatacenter", + "properties": { + "cassandraOperatorProgress": { + "description": "Last known progress state of the Cassandra Operator", + "type": "string" + }, + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "reason": { + "type": "string" + }, + "status": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array" + }, + "datacenterName": { + "description": "DatacenterName is the name of the override used for the CassandraDatacenter This field is used to perform validation checks preventing a user from changing the override", + "type": "string" + }, + "lastRollingRestart": { + "format": "date-time", + "type": "string" + }, + "lastServerNodeStarted": { + "description": "The timestamp when the operator last started a Server node with the management API", + "format": "date-time", + "type": "string" + }, + "nodeReplacements": { + "items": { + "type": "string" + }, + "type": "array" + }, + "nodeStatuses": { + "additionalProperties": { + "properties": { + "hostID": { + "type": "string" + } + }, + "type": "object" + }, + "type": "object" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "quietPeriod": { + "format": "date-time", + "type": "string" + }, + "superUserUpserted": { + "description": "Deprecated. Use usersUpserted instead. The timestamp at which CQL superuser credentials were last upserted to the management API", + "format": "date-time", + "type": "string" + }, + "trackedTasks": { + "description": "TrackedTasks tracks the tasks for completion that were created by the cass-operator", + "items": { + "description": "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .", + "properties": { + "apiVersion": { + "description": "API version of the referent.", + "type": "string" + }, + "fieldPath": { + "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.", + "type": "string" + }, + "kind": { + "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + "type": "string" + }, + "namespace": { + "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", + "type": "string" + }, + "resourceVersion": { + "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", + "type": "string" + }, + "uid": { + "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", + "type": "string" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array" + }, + "usersUpserted": { + "description": "The timestamp at which managed cassandra users' credentials were last upserted to the management API", + "format": "date-time", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "CassandraDatacenter", + "listKind": "CassandraDatacenterList", + "plural": "cassandradatacenters", + "shortNames": [ + "cassdc", + "cassdcs" + ], + "singular": "cassandradatacenter" + }, + "conditions": [ + { + "lastTransitionTime": "2024-03-11T06:38:31Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-03-11T06:38:31Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1beta1" + ] + } + }, + "group": "cassandra.datastax.com", + "plural": "cassandradatacenters", + "version": "v1beta1" + }, + "learnrun_time": 325.1142063140869, + "namespace": "acto-namespace", + "preload_images": [ + "registry.k8s.io/kube-controller-manager-amd64:v1.29.1", + "registry.k8s.io/kube-scheduler-amd64:v1.29.1", + "cr.k8ssandra.io/k8ssandra/cass-operator:v1.19.0", + "quay.io/jetstack/cert-manager-controller:v1.12.2", + "quay.io/jetstack/cert-manager-webhook:v1.12.2", + "cr.dtsx.io/datastax/cass-config-builder:1.0-ubi8", + "quay.io/jetstack/cert-manager-cainjector:v1.12.2", + "cr.k8ssandra.io/k8ssandra/cass-management-api:4.0.1", + "cr.k8ssandra.io/k8ssandra/system-logger:v1.19.0", + "registry.k8s.io/kube-apiserver-amd64:v1.29.1", + "registry.k8s.io/kube-proxy-amd64:v1.29.1" + ], + "static_analysis_time": 1.2636184692382812e-05 +} \ No newline at end of file diff --git a/data/k8ssandra_cass-operator/k8ssandra_cert-manager.yaml b/data/k8ssandra_cass-operator/k8ssandra_cert-manager.yaml new file mode 100644 index 0000000000..5b0419cc22 --- /dev/null +++ b/data/k8ssandra_cass-operator/k8ssandra_cert-manager.yaml @@ -0,0 +1,5591 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + # Changing the name to server-storage is the only change we have made compared to upstream + name: server-storage +provisioner: rancher.io/local-path +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +apiVersion: v1 +kind: Namespace +metadata: + name: cert-manager +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificaterequests.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.12.2" +spec: + group: cert-manager.io + names: + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Approved")].status + name: Approved + type: string + - jsonPath: .status.conditions[?(@.type=="Denied")].status + name: Denied + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + type: string + - jsonPath: .spec.username + name: Requestor + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the CertificateRequest resource. + type: object + required: + - issuerRef + - request + properties: + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. + type: string + extra: + description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: object + additionalProperties: + type: array + items: + type: string + groups: + description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: array + items: + type: string + x-kubernetes-list-type: atomic + isCA: + description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. + type: string + format: byte + uid: + description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + username: + description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + status: + description: Status of the CertificateRequest. This is set and managed automatically. + type: object + properties: + ca: + description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. + type: string + format: byte + certificate: + description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. + type: string + format: byte + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. + type: array + items: + description: CertificateRequestCondition contains condition information for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failureTime: + description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.12.2" +spec: + group: cert-manager.io + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.secretName + name: Secret + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Certificate resource. + type: object + required: + - issuerRef + - secretName + properties: + additionalOutputFormats: + description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components. + type: array + items: + description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. + type: object + required: + - type + properties: + type: + description: Type is the name of the format type that should be written to the Certificate's target Secret. + type: string + enum: + - DER + - CombinedPEM + commonName: + description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4' + type: string + dnsNames: + description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate. + type: array + items: + type: string + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + emailAddresses: + description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate. + type: array + items: + type: string + encodeUsagesInRequest: + description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest + type: boolean + ipAddresses: + description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. + type: array + items: + type: string + isCA: + description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + keystores: + description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource. + type: object + properties: + jks: + description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + pkcs12: + description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + literalSubject: + description: LiteralSubject is an LDAP formatted string that represents the [X.509 Subject field](https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6). Use this *instead* of the Subject field if you need to ensure the correct ordering of the RDN sequence, such as when issuing certs for LDAP authentication. See https://github.com/cert-manager/cert-manager/issues/3203, https://github.com/cert-manager/cert-manager/issues/4424. This field is alpha level and is only supported by cert-manager installations where LiteralCertificateSubject feature gate is enabled on both cert-manager controller and webhook. + type: string + privateKey: + description: Options to control private keys used for the Certificate. + type: object + properties: + algorithm: + description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm. + type: string + enum: + - RSA + - ECDSA + - Ed25519 + encoding: + description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified. + type: string + enum: + - PKCS1 + - PKCS8 + rotationPolicy: + description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility. + type: string + enum: + - Never + - Always + size: + description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed. + type: integer + renewBefore: + description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + revisionHistoryLimit: + description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`. + type: integer + format: int32 + secretName: + description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. + type: string + secretTemplate: + description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. + type: object + properties: + annotations: + description: Annotations is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + labels: + description: Labels is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + subject: + description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). + type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + organizations: + description: Organizations to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. + type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uris: + description: URIs is a list of URI subjectAltNames to be set on the Certificate. + type: array + items: + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: Status of the Certificate. This is set and managed automatically. + type: object + properties: + conditions: + description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. + type: array + items: + description: CertificateCondition contains condition information for an Certificate. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `Issuing`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failedIssuanceAttempts: + description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). + type: integer + lastFailureTime: + description: LastFailureTime is set only if the lastest issuance for this Certificate failed and contains the time of the failure. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). If the latest issuance has succeeded this field will be unset. + type: string + format: date-time + nextPrivateKeySecretName: + description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. + type: string + notAfter: + description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. + type: string + format: date-time + notBefore: + description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid. + type: string + format: date-time + renewalTime: + description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. + type: string + format: date-time + revision: + description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." + type: integer + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: challenges.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.12.2" +spec: + group: acme.cert-manager.io + names: + kind: Challenge + listKind: ChallengeList + plural: challenges + singular: challenge + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.dnsName + name: Domain + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - authorizationURL + - dnsName + - issuerRef + - key + - solver + - token + - type + - url + properties: + authorizationURL: + description: The URL to the ACME Authorization resource that this challenge is a part of. + type: string + dnsName: + description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. + type: string + issuerRef: + description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + key: + description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.' + type: string + solver: + description: Contains the domain solving configuration that should be used to solve this challenge resource. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + token: + description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. + type: string + type: + description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". + type: string + enum: + - HTTP-01 + - DNS-01 + url: + description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. + type: string + wildcard: + description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. + type: boolean + status: + type: object + properties: + presented: + description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. + type: boolean + reason: + description: Contains human readable information on why the Challenge is in the current state. + type: string + state: + description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + served: true + storage: true + subresources: + status: {} +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterissuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: "cert-manager" + # Generated labels + app.kubernetes.io/version: "v1.12.2" +spec: + group: cert-manager.io + names: + kind: ClusterIssuer + listKind: ClusterIssuerList + plural: clusterissuers + singular: clusterissuer + categories: + - cert-manager + scope: Cluster + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the ClusterIssuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. + type: string + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceAccountRef: + description: A reference to a service account that will be used to request a bound token (also known as "projected token"). Compared to using "secretRef", using this field means that you don't rely on statically bound tokens. To use this field, you must configure an RBAC rule to let cert-manager request a token. + type: object + required: + - name + properties: + name: + description: Name of the ServiceAccount used to request a token. + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the ClusterIssuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastPrivateKeyHash: + description: LastPrivateKeyHash is a hash of the private key associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: issuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: "cert-manager" + # Generated labels + app.kubernetes.io/version: "v1.12.2" +spec: + group: cert-manager.io + names: + kind: Issuer + listKind: IssuerList + plural: issuers + singular: issuer + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Issuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. + type: string + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceAccountRef: + description: A reference to a service account that will be used to request a bound token (also known as "projected token"). Compared to using "secretRef", using this field means that you don't rely on statically bound tokens. To use this field, you must configure an RBAC rule to let cert-manager request a token. + type: object + required: + - name + properties: + name: + description: Name of the ServiceAccount used to request a token. + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the Issuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastPrivateKeyHash: + description: LastPrivateKeyHash is a hash of the private key associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: orders.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.12.2" +spec: + group: acme.cert-manager.io + names: + kind: Order + listKind: OrderList + plural: orders + singular: order + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - issuerRef + - request + properties: + commonName: + description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. + type: string + dnsNames: + description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + duration: + description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. + type: string + ipAddresses: + description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. + type: string + format: byte + status: + type: object + properties: + authorizations: + description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. + type: array + items: + description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. + type: object + required: + - url + properties: + challenges: + description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. + type: string + type: + description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. + type: string + url: + description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part of this authorization + type: string + initialState: + description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL is the URL of the Authorization that must be completed + type: string + wildcard: + description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. + type: boolean + certificate: + description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. + type: string + format: byte + failureTime: + description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + finalizeURL: + description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. + type: string + reason: + description: Reason optionally provides more information about a why the order is in the current state. + type: string + state: + description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. + type: string + served: true + storage: true +--- +# Source: cert-manager/templates/cainjector-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager-cainjector + namespace: cert-manager + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" +--- +# Source: cert-manager/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager + namespace: cert-manager + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +--- +# Source: cert-manager/templates/webhook-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +--- +# Source: cert-manager/templates/webhook-config.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +data: +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-cainjector + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "create", "update", "patch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["apiregistration.k8s.io"] + resources: ["apiservices"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Issuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-issuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "issuers/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# ClusterIssuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-clusterissuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "clusterissuers/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Certificates controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-certificates + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] + verbs: ["update", "patch"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["cert-manager.io"] + resources: ["certificates/finalizers", "certificaterequests/finalizers"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders"] + verbs: ["create", "delete", "get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Orders controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-orders + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "orders/status"] + verbs: ["update", "patch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "challenges"] + verbs: ["get", "list", "watch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["create", "delete"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +# Challenges controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-challenges + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + # Use to update challenge resource status + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "challenges/status"] + verbs: ["update", "patch"] + # Used to watch challenge resources + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["get", "list", "watch"] + # Used to watch challenges, issuer and clusterissuer resources + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + # Need to be able to retrieve ACME account private key to complete challenges + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + # Used to create events + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + # HTTP01 rules + - apiGroups: [""] + resources: ["pods", "services"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + - apiGroups: [ "gateway.networking.k8s.io" ] + resources: [ "httproutes" ] + verbs: ["get", "list", "watch", "create", "delete", "update"] + # We require the ability to specify a custom hostname when we are creating + # new ingress resources. + # See: https://github.com/openshift/origin/blob/21f191775636f9acadb44fa42beeb4f75b255532/pkg/route/apiserver/admission/ingress_admission.go#L84-L148 + - apiGroups: ["route.openshift.io"] + resources: ["routes/custom-host"] + verbs: ["create"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges/finalizers"] + verbs: ["update"] + # DNS01 rules (duplicated above) + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +# ingress-shim controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-ingress-shim + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests"] + verbs: ["create", "update", "delete"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses/finalizers"] + verbs: ["update"] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["gateways", "httproutes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["gateways/finalizers", "httproutes/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-view + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" + rbac.authorization.k8s.io/aggregate-to-view: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["get", "list", "watch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-edit + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates/status"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] +--- +# Source: cert-manager/templates/rbac.yaml +# Permission to approve CertificateRequests referencing cert-manager.io Issuers and ClusterIssuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-approve:cert-manager-io + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["signers"] + verbs: ["approve"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] +--- +# Source: cert-manager/templates/rbac.yaml +# Permission to: +# - Update and sign CertificatSigningeRequests referencing cert-manager.io Issuers and ClusterIssuers +# - Perform SubjectAccessReviews to test whether users are able to reference Namespaced Issuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-controller-certificatesigningrequests + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests/status"] + verbs: ["update", "patch"] + - apiGroups: ["certificates.k8s.io"] + resources: ["signers"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] + verbs: ["sign"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cert-manager-webhook:subjectaccessreviews + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +rules: +- apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-cainjector + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-cainjector +subjects: + - name: cert-manager-cainjector + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-issuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-issuers +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-clusterissuers + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-clusterissuers +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-certificates + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-certificates +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-orders + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-orders +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-challenges + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-challenges +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-ingress-shim + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-ingress-shim +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-approve:cert-manager-io + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-approve:cert-manager-io +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-controller-certificatesigningrequests + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cert-manager" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-controller-certificatesigningrequests +subjects: + - name: cert-manager + namespace: cert-manager + kind: ServiceAccount +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cert-manager-webhook:subjectaccessreviews + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cert-manager-webhook:subjectaccessreviews +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +# leader election rules +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager-cainjector:leaderelection + namespace: kube-system + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" +rules: + # Used for leader election by the controller + # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller + # see cmd/cainjector/start.go#L113 + # cert-manager-cainjector-leader-election-core is used by the SecretBased injector controller + # see cmd/cainjector/start.go#L137 + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager:leaderelection + namespace: kube-system + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-controller"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cert-manager-webhook:dynamic-serving + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +rules: +- apiGroups: [""] + resources: ["secrets"] + resourceNames: + - 'cert-manager-webhook-ca' + verbs: ["get", "list", "watch", "update"] +# It's not possible to grant CREATE permission on a single resourceName. +- apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] +--- +# Source: cert-manager/templates/cainjector-rbac.yaml +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager-cainjector:leaderelection + namespace: kube-system + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager-cainjector:leaderelection +subjects: + - kind: ServiceAccount + name: cert-manager-cainjector + namespace: cert-manager +--- +# Source: cert-manager/templates/rbac.yaml +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager:leaderelection + namespace: kube-system + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager:leaderelection +subjects: + - apiGroup: "" + kind: ServiceAccount + name: cert-manager + namespace: cert-manager +--- +# Source: cert-manager/templates/webhook-rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cert-manager-webhook:dynamic-serving + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cert-manager-webhook:dynamic-serving +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager +--- +# Source: cert-manager/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: cert-manager + namespace: cert-manager + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 9402 + name: tcp-prometheus-servicemonitor + targetPort: 9402 + selector: + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" +--- +# Source: cert-manager/templates/webhook-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +spec: + type: ClusterIP + ports: + - name: https + port: 443 + protocol: TCP + targetPort: "https" + selector: + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" +--- +# Source: cert-manager/templates/cainjector-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager-cainjector + namespace: cert-manager + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + template: + metadata: + labels: + app: cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "cainjector" + app.kubernetes.io/version: "v1.12.2" + spec: + serviceAccountName: cert-manager-cainjector + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: cert-manager-cainjector + image: "quay.io/jetstack/cert-manager-cainjector:v1.12.2" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --leader-election-namespace=kube-system + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager + namespace: cert-manager + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + template: + metadata: + labels: + app: cert-manager + app.kubernetes.io/name: cert-manager + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "controller" + app.kubernetes.io/version: "v1.12.2" + annotations: + prometheus.io/path: "/metrics" + prometheus.io/scrape: 'true' + prometheus.io/port: '9402' + spec: + serviceAccountName: cert-manager + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: cert-manager-controller + image: "quay.io/jetstack/cert-manager-controller:v1.12.2" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --cluster-resource-namespace=$(POD_NAMESPACE) + - --leader-election-namespace=kube-system + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.12.2 + - --max-concurrent-challenges=60 + ports: + - containerPort: 9402 + name: http-metrics + protocol: TCP + - containerPort: 9403 + name: http-healthz + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/webhook-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cert-manager-webhook + namespace: cert-manager + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + template: + metadata: + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" + spec: + serviceAccountName: cert-manager-webhook + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containers: + - name: cert-manager-webhook + image: "quay.io/jetstack/cert-manager-webhook:v1.12.2" + imagePullPolicy: IfNotPresent + args: + - --v=2 + - --secure-port=10250 + - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) + - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca + - --dynamic-serving-dns-names=cert-manager-webhook + - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE) + - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE).svc + + ports: + - name: https + protocol: TCP + containerPort: 10250 + - name: healthcheck + protocol: TCP + containerPort: 6080 + livenessProbe: + httpGet: + path: /livez + port: 6080 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: 6080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + nodeSelector: + kubernetes.io/os: linux +--- +# Source: cert-manager/templates/webhook-mutating-webhook.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: cert-manager-webhook + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" + annotations: + cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" +webhooks: + - name: webhook.cert-manager.io + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: 10 + failurePolicy: Fail + # Only include 'sideEffects' field in Kubernetes 1.12+ + sideEffects: None + clientConfig: + service: + name: cert-manager-webhook + namespace: cert-manager + path: /mutate +--- +# Source: cert-manager/templates/webhook-validating-webhook.yaml +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: cert-manager-webhook + labels: + app: webhook + app.kubernetes.io/name: webhook + app.kubernetes.io/instance: cert-manager + app.kubernetes.io/component: "webhook" + app.kubernetes.io/version: "v1.12.2" + annotations: + cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" +webhooks: + - name: webhook.cert-manager.io + namespaceSelector: + matchExpressions: + - key: "cert-manager.io/disable-validation" + operator: "NotIn" + values: + - "true" + - key: "name" + operator: "NotIn" + values: + - cert-manager + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: 10 + failurePolicy: Fail + sideEffects: None + clientConfig: + service: + name: cert-manager-webhook + namespace: cert-manager + path: /validate diff --git a/data/k8ssandra_cass-operator/k8ssandra_cr.yaml b/data/k8ssandra_cass-operator/k8ssandra_cr.yaml new file mode 100644 index 0000000000..7cdc7c68b3 --- /dev/null +++ b/data/k8ssandra_cass-operator/k8ssandra_cr.yaml @@ -0,0 +1,11856 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: cass-operator +--- +# Source: cass-operator/crds/cassandradatacenters.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: cassandradatacenters.cassandra.datastax.com +spec: + group: cassandra.datastax.com + names: + kind: CassandraDatacenter + listKind: CassandraDatacenterList + plural: cassandradatacenters + shortNames: + - cassdc + - cassdcs + singular: cassandradatacenter + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: CassandraDatacenter is the Schema for the cassandradatacenters + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CassandraDatacenterSpec defines the desired state of a CassandraDatacenter + properties: + additionalAnnotations: + additionalProperties: + type: string + description: Additional Annotations allows to define additional labels + that will be included in all objects created by the operator. Note, + user can override values set by default from the cass-operator and + doing so could break cass-operator functionality. + type: object + additionalLabels: + additionalProperties: + type: string + description: Additional Labels allows to define additional labels + that will be included in all objects created by the operator. Note, + user can override values set by default from the cass-operator and + doing so could break cass-operator functionality. + type: object + additionalSeeds: + items: + type: string + type: array + additionalServiceConfig: + description: AdditionalServiceConfig allows to define additional parameters + that are included in the created Services. Note, user can override + values set by cass-operator and doing so could break cass-operator + functionality. Avoid label "cass-operator" and anything that starts + with "cassandra.datastax.com/" + properties: + additionalSeedService: + description: ServiceConfigAdditions exposes additional options + for each service + properties: + additionalAnnotations: + additionalProperties: + type: string + type: object + additionalLabels: + additionalProperties: + type: string + type: object + type: object + allpodsService: + description: ServiceConfigAdditions exposes additional options + for each service + properties: + additionalAnnotations: + additionalProperties: + type: string + type: object + additionalLabels: + additionalProperties: + type: string + type: object + type: object + dcService: + description: ServiceConfigAdditions exposes additional options + for each service + properties: + additionalAnnotations: + additionalProperties: + type: string + type: object + additionalLabels: + additionalProperties: + type: string + type: object + type: object + nodePortService: + description: ServiceConfigAdditions exposes additional options + for each service + properties: + additionalAnnotations: + additionalProperties: + type: string + type: object + additionalLabels: + additionalProperties: + type: string + type: object + type: object + seedService: + description: ServiceConfigAdditions exposes additional options + for each service + properties: + additionalAnnotations: + additionalProperties: + type: string + type: object + additionalLabels: + additionalProperties: + type: string + type: object + type: object + type: object + allowMultipleNodesPerWorker: + description: Turning this option on allows multiple server pods to + be created on a k8s worker node, by removing the default pod anti + affinity rules. By default the operator creates just one server + pod per k8s worker node. Using custom affinity rules might require + turning this option on in which case the defaults are not set. + type: boolean + canaryUpgrade: + description: Indicates that configuration and container image changes + should only be pushed to the first rack of the datacenter + type: boolean + canaryUpgradeCount: + description: The number of nodes that will be updated when CanaryUpgrade + is true. Note that the value is either 0 or greater than the rack + size, then all nodes in the rack will get updated. + format: int32 + type: integer + cdc: + description: CDC allows configuration of the change data capture agent + which can run within the Management API container. Use it to send + data to Pulsar. + properties: + cdcConcurrentProcessors: + type: integer + cdcPollIntervalM: + type: integer + cdcWorkingDir: + type: string + errorCommitLogReprocessEnabled: + type: boolean + pulsarAuthParams: + type: string + pulsarAuthPluginClassName: + type: string + pulsarBatchDelayInMs: + type: integer + pulsarKeyBasedBatcher: + type: boolean + pulsarMaxPendingMessages: + type: integer + pulsarMaxPendingMessagesAcrossPartitions: + type: integer + pulsarServiceUrl: + minLength: 1 + type: string + sslAllowInsecureConnection: + type: string + sslCipherSuites: + type: string + sslEnabledProtocols: + type: string + sslHostnameVerificationEnable: + type: string + sslKeystorePassword: + type: string + sslKeystorePath: + type: string + sslProvider: + type: string + sslTruststorePassword: + type: string + sslTruststorePath: + type: string + sslTruststoreType: + type: string + topicPrefix: + type: string + required: + - pulsarServiceUrl + type: object + clusterName: + description: The name by which CQL clients and instances will know + the cluster. If the same cluster name is shared by multiple Datacenters + in the same Kubernetes namespace, they will join together in a multi-datacenter + cluster. + minLength: 2 + type: string + configBuilderImage: + description: Container image for the config builder init container. + Overrides value from ImageConfig ConfigBuilderImage + type: string + configBuilderResources: + description: Kubernetes resource requests and limits per server config + initialization container. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + configSecret: + description: "ConfigSecret is the name of a secret that contains configuration + for Cassandra. The secret is expected to have a property named config + whose value should be a JSON formatted string that should look like + this: \n config: |- { \"cassandra-yaml\": { \"read_request_timeout_in_ms\": + 10000 }, \"jmv-options\": { \"max_heap_size\": 1024M } } \n ConfigSecret + is mutually exclusive with Config. ConfigSecret takes precedence + and will be used exclusively if both properties are set. The operator + sets a watch such that an update to the secret will trigger an update + of the StatefulSets." + type: string + datacenterName: + description: DatacenterName allows to override the name of the Cassandra + datacenter. Kubernetes objects will be named after a sanitized version + of it if set, and if not metadata.name. In Cassandra the DC name + will be overridden by this value. It may generate some confusion + as objects created for the DC will have a different name than the + CasandraDatacenter object itself. This setting can create conflicts + if multiple DCs coexist in the same namespace if metadata.name for + a DC with no override is set to the same value as the override name + of another DC. Use cautiously. + type: string + disableSystemLoggerSidecar: + description: Configuration for disabling the simple log tailing sidecar + container. Our default is to have it enabled. + type: boolean + dockerImageRunsAsCassandra: + description: DEPRECATED This setting does nothing and defaults to + true. Use SecurityContext instead. + type: boolean + dseWorkloads: + properties: + analyticsEnabled: + type: boolean + graphEnabled: + type: boolean + searchEnabled: + type: boolean + type: object + forceUpgradeRacks: + description: Rack names in this list are set to the latest StatefulSet + configuration even if Cassandra nodes are down. Use this to recover + from an upgrade that couldn't roll out. + items: + type: string + type: array + managementApiAuth: + description: Config for the Management API certificates + properties: + insecure: + type: object + manual: + properties: + clientSecretName: + type: string + serverSecretName: + type: string + skipSecretValidation: + type: boolean + required: + - clientSecretName + - serverSecretName + type: object + type: object + networking: + properties: + hostNetwork: + type: boolean + nodePort: + properties: + internode: + type: integer + internodeSSL: + type: integer + native: + type: integer + nativeSSL: + type: integer + type: object + type: object + nodeAffinityLabels: + additionalProperties: + type: string + description: NodeAffinityLabels to pin the Datacenter, using node + affinity + type: object + nodeSelector: + additionalProperties: + type: string + description: 'A map of label keys and values to restrict Cassandra + node scheduling to k8s workers with matchiing labels. More info: + https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector' + type: object + podTemplateSpec: + description: PodTemplate provides customisation options (labels, annotations, + affinity rules, resource requests, and so on) for the cassandra + pods + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: 'Specification of the desired behavior of the pod. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + activeDeadlineSeconds: + description: Optional duration in seconds the pod may be active + on the node relative to StartTime before the system will + actively try to mark it failed and kill associated containers. + Value must be a positive integer. + format: int64 + type: integer + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + description: AutomountServiceAccountToken indicates whether + a service account token should be automatically mounted. + type: boolean + containers: + description: List of containers belonging to the pod. Containers + cannot currently be added or removed. There must be at least + one container in a Pod. Cannot be updated. + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The container image''s ENTRYPOINT is used + if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on + the default "0.0.0.0" address inside a container will + be accessible from the network. Modifying this array + with strategic merge patch may corrupt the data. For + more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + dnsConfig: + description: Specifies the DNS parameters of a pod. Parameters + specified here will be merged to the generated DNS configuration + based on DNSPolicy. + properties: + nameservers: + description: A list of DNS name server IP addresses. This + will be appended to the base nameservers generated from + DNSPolicy. Duplicated nameservers will be removed. + items: + type: string + type: array + options: + description: A list of DNS resolver options. This will + be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options + given in Options will override those that appear in + the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver + options of a pod. + properties: + name: + description: Required. + type: string + value: + type: string + type: object + type: array + searches: + description: A list of DNS search domains for host-name + lookup. This will be appended to the base search paths + generated from DNSPolicy. Duplicated search paths will + be removed. + items: + type: string + type: array + type: object + dnsPolicy: + description: Set DNS policy for the pod. Defaults to "ClusterFirst". + Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', + 'Default' or 'None'. DNS parameters given in DNSConfig will + be merged with the policy selected with DNSPolicy. To have + DNS options set along with hostNetwork, you have to specify + DNS policy explicitly to 'ClusterFirstWithHostNet'. + type: string + enableServiceLinks: + description: 'EnableServiceLinks indicates whether information + about services should be injected into pod''s environment + variables, matching the syntax of Docker links. Optional: + Defaults to true.' + type: boolean + ephemeralContainers: + description: List of ephemeral containers run in this pod. + Ephemeral containers may be run in an existing pod to perform + user-initiated actions such as debugging. This list cannot + be specified when creating a pod, and it cannot be modified + by updating the pod spec. In order to add an ephemeral container + to an existing pod, use the pod's ephemeralcontainers subresource. + items: + description: "An EphemeralContainer is a temporary container + that you may add to an existing Pod for user-initiated + activities such as debugging. Ephemeral containers have + no resource or scheduling guarantees, and they will not + be restarted when they exit or when a Pod is removed or + restarted. The kubelet may evict a Pod if an ephemeral + container causes the Pod to exceed its resource allocation. + \n To add an ephemeral container, use the ephemeralcontainers + subresource of an existing Pod. Ephemeral containers may + not be removed or restarted." + properties: + args: + description: 'Arguments to the entrypoint. The image''s + CMD is used if this is not provided. Variable references + $(VAR_NAME) are expanded using the container''s environment. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The image''s ENTRYPOINT is used if this is + not provided. Variable references $(VAR_NAME) are + expanded using the container''s environment. If a + variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the ephemeral container specified + as a DNS_LABEL. This name must be unique among all + containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: Resources are not allowed for ephemeral + containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'Optional: SecurityContext defines the + security options the ephemeral container should be + run with. If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext.' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + targetContainerName: + description: "If set, the name of the container from + PodSpec that this ephemeral container targets. The + ephemeral container will be run in the namespaces + (IPC, PID, etc) of this container. If not set then + the ephemeral container uses the namespaces configured + in the Pod spec. \n The container runtime must implement + support for this feature. If the runtime does not + support namespace targeting then the result of setting + this field is undefined." + type: string + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Subpath mounts are not allowed for ephemeral + containers. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + hostAliases: + description: HostAliases is an optional list of hosts and + IPs that will be injected into the pod's hosts file if specified. + This is only valid for non-hostNetwork pods. + items: + description: HostAlias holds the mapping between IP and + hostnames that will be injected as an entry in the pod's + hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + type: object + type: array + hostIPC: + description: 'Use the host''s ipc namespace. Optional: Default + to false.' + type: boolean + hostNetwork: + description: Host networking requested for this pod. Use the + host's network namespace. If this option is set, the ports + that will be used must be specified. Default to false. + type: boolean + hostPID: + description: 'Use the host''s pid namespace. Optional: Default + to false.' + type: boolean + hostUsers: + description: 'Use the host''s user namespace. Optional: Default + to true. If set to true or not present, the pod will be + run in the host user namespace, useful for when the pod + needs a feature only available to the host user namespace, + such as loading a kernel module with CAP_SYS_MODULE. When + set to false, a new userns is created for the pod. Setting + false is useful for mitigating container breakout vulnerabilities + even allowing users to run their containers as root without + actually having root privileges on the host. This field + is alpha-level and is only honored by servers that enable + the UserNamespacesSupport feature.' + type: boolean + hostname: + description: Specifies the hostname of the Pod If not specified, + the pod's hostname will be set to a system-defined value. + type: string + imagePullSecrets: + description: 'ImagePullSecrets is an optional list of references + to secrets in the same namespace to use for pulling any + of the images used by this PodSpec. If specified, these + secrets will be passed to individual puller implementations + for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'List of initialization containers belonging + to the pod. Init containers are executed in order prior + to containers being started. If any init container fails, + the pod is considered to have failed and is handled according + to its restartPolicy. The name for an init container or + normal container must be unique among all containers. Init + containers may not have Lifecycle actions, Readiness probes, + Liveness probes, or Startup probes. The resourceRequirements + of an init container are taken into account during scheduling + by finding the highest request/limit for each resource type, + and then using the max of of that value or the sum of the + normal containers. Limits are applied to init containers + in a similar fashion. Init containers cannot currently be + added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container + image''s CMD is used if this is not provided. Variable + references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the + reference in the input string will be unchanged. Double + $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within + a shell. The container image''s ENTRYPOINT is used + if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If + a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in + the container. Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment + variables in the container. The keys defined within + a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is + starting. When a key exists in multiple sources, the + value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config + management to default or override container images + in workload controllers like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, + IfNotPresent. Defaults to Always if :latest tag is + specified, or IfNotPresent otherwise. Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should + take in response to container lifecycle events. Cannot + be updated. + properties: + postStart: + description: 'PostStart is called immediately after + a container is created. If the handler fails, + the container is terminated and restarted according + to its restart policy. Other management of the + container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before + a container is terminated due to an API request + or management event such as liveness/startup probe + failure, preemption, resource contention, etc. + The handler is not called if the container crashes + or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the + container will eventually terminate within the + Pod''s termination grace period (unless delayed + by finalizers). Other management of the container + blocks until the hook completes or until the termination + grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line + to execute inside the container, the working + directory for the command is root ('/') + in the container's filesystem. The command + is simply exec'd, it is not run inside + a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, + you need to explicitly call out to that + shell. Exit status of 0 is treated as + live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting + to the host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward + compatibility. There are no validation of + this field and lifecycle hooks will fail in + runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port + to access on the container. Number must + be in the range 1 to 65535. Name must + be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. + Not specifying a port here DOES NOT prevent that port + from being exposed. Any port which is listening on + the default "0.0.0.0" address inside a container will + be accessible from the network. Modifying this array + with strategic merge patch may corrupt the data. For + more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: Number of port to expose on the pod's + IP address. This must be a valid port number, + 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: Number of port to expose on the host. + If specified, this must be a valid port number, + 0 < x < 65536. If HostNetwork is specified, + this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in + a pod must have a unique name. Name for the + port that can be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, + or SCTP. Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if + the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options + the container should be run with. If set, the fields + of SecurityContext override the equivalent fields + of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more privileges than + its parent process. This bool directly controls + if the no_new_privs flag will be set on the container + process. AllowPrivilegeEscalation is true always + when the container is: 1) run as Privileged 2) + has CAP_SYS_ADMIN Note that this field cannot + be set when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running + containers. Defaults to the default set of capabilities + granted by the container runtime. Note that this + field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent + to root on the host. Defaults to false. Note that + this field cannot be set when spec.os.name is + windows. + type: boolean + procMount: + description: procMount denotes the type of proc + mount to use for the containers. The default is + DefaultProcMount which uses the container runtime + defaults for readonly paths and masked paths. + This requires the ProcMountType feature flag to + be enabled. Note that this field cannot be set + when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only + root filesystem. Default is false. Note that this + field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the + container process. Uses runtime default if unset. + May also be set in PodSecurityContext. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run + as a non-root user. If true, the Kubelet will + validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no + such validation will be performed. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the + container process. Defaults to user specified + in image metadata if unspecified. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in + SecurityContext takes precedence. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to + the container. If unspecified, the container runtime + will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this + container. If seccomp options are provided at + both the pod & container level, the container + options override the pod options. Note that this + field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. + The profile must be preconfigured on the node + to work. Must be a descending path, relative + to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: + \n Localhost - a profile defined in a file + on the node should be used. RuntimeDefault + - the container runtime default profile should + be used. Unconfined - no profile should be + applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied + to all containers. If unspecified, the options + from the PodSecurityContext will be used. If set + in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name + is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the + GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential + spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. + This field is alpha-level and will only be + honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the + feature flag will result in errors when validating + the Pod. All of a Pod's containers must have + the same effective HostProcess value (it is + not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, + if HostProcess is true then HostNetwork must + also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run + the entrypoint of the container process. Defaults + to the user specified in image metadata if + unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has + successfully initialized. If specified, no other probes + are executed until this completes successfully. If + this probe fails, the Pod will be restarted, just + as if the livenessProbe failed. This can be used to + provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time + to load data or warm a cache, than during steady-state + operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to + execute inside the container, the working + directory for the command is root ('/') in + the container's filesystem. The command is + simply exec'd, it is not run inside a shell, + so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is + treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the + probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. This is a beta field and requires + enabling GRPCContainerProbe feature gate. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service + to place in the gRPC HealthCheckRequest (see + https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: Host name to connect to, defaults + to the pod IP. You probably want to set "Host" + in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to + the host. Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container + has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the + probe. Default to 10 seconds. Minimum value is + 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the + probe to be considered successful after having + failed. Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after + the processes running in the pod are sent a termination + signal and the time when the processes are forcibly + halted with a kill signal. Set this value longer + than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds + will be used. Otherwise, this value overrides + the value provided by the pod spec. Value must + be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity + to shut down). This is a beta field and requires + enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the + probe times out. Defaults to 1 second. Minimum + value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate + a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will + always result in EOF. Default is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close + the stdin channel after it has been opened by a single + attach. When stdin is true the stdin stream will remain + open across multiple attach sessions. If stdinOnce + is set to true, stdin is opened on container start, + is empty until the first client attaches to stdin, + and then remains open and accepts data until the client + disconnects, at which time stdin is closed and remains + closed until the container is restarted. If this flag + is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which + the container''s termination message will be written + is mounted into the container''s filesystem. Message + written is intended to be brief final status, such + as an assertion failure message. Will be truncated + by the node if greater than 4096 bytes. The total + message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot + be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should + be populated. File will use the contents of terminationMessagePath + to populate the container status message on both success + and failure. FallbackToLogsOnError will use the last + chunk of container log output if the termination message + file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, + whichever is smaller. Defaults to File. Cannot be + updated. + type: string + tty: + description: Whether this container should allocate + a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's + filesystem. Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which + might be configured in the container image. Cannot + be updated. + type: string + required: + - name + type: object + type: array + nodeName: + description: NodeName is a request to schedule this pod onto + a specific node. If it is non-empty, the scheduler simply + schedules this pod onto that node, assuming that it fits + resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true + for the pod to fit on a node. Selector which must match + a node''s labels for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + os: + description: "Specifies the OS of the containers in the pod. + Some pod and container fields are restricted if this is + set. \n If the OS field is set to linux, the following fields + must be unset: -securityContext.windowsOptions \n If the + OS field is set to windows, following fields must be unset: + - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions + - spec.securityContext.seccompProfile - spec.securityContext.fsGroup + - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls + - spec.shareProcessNamespace - spec.securityContext.runAsUser + - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups + - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser + - spec.containers[*].securityContext.runAsGroup" + properties: + name: + description: 'Name is the name of the operating system. + The currently supported values are linux and windows. + Additional value may be defined in future and can be + one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values and + treat unrecognized values in this field as os: null' + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Overhead represents the resource overhead associated + with running a pod for a given RuntimeClass. This field + will be autopopulated at admission time by the RuntimeClass + admission controller. If the RuntimeClass admission controller + is enabled, overhead must not be set in Pod create requests. + The RuntimeClass admission controller will reject Pod create + requests which have the overhead already set. If RuntimeClass + is configured and selected in the PodSpec, Overhead will + be set to the value defined in the corresponding RuntimeClass, + otherwise it will remain unset and treated as zero. More + info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' + type: object + preemptionPolicy: + description: PreemptionPolicy is the Policy for preempting + pods with lower priority. One of Never, PreemptLowerPriority. + Defaults to PreemptLowerPriority if unset. + type: string + priority: + description: The priority value. Various system components + use this field to find the priority of the pod. When Priority + Admission Controller is enabled, it prevents users from + setting this field. The admission controller populates this + field from PriorityClassName. The higher the value, the + higher the priority. + format: int32 + type: integer + priorityClassName: + description: If specified, indicates the pod's priority. "system-node-critical" + and "system-cluster-critical" are two special keywords which + indicate the highest priorities with the former being the + highest priority. Any other name must be defined by creating + a PriorityClass object with that name. If not specified, + the pod priority will be default or zero if there is no + default. + type: string + readinessGates: + description: 'If specified, all readiness gates will be evaluated + for pod readiness. A pod is ready when all its containers + are ready AND all conditions specified in the readiness + gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + items: + description: PodReadinessGate contains the reference to + a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in + the pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + resourceClaims: + description: "ResourceClaims defines which ResourceClaims + must be allocated and reserved before the Pod is allowed + to start. The resources will be made available to those + containers which consume them by name. \n This is an alpha + field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: PodResourceClaim references exactly one ResourceClaim + through a ClaimSource. It adds a name to it that uniquely + identifies the ResourceClaim inside the Pod. Containers + that need access to the ResourceClaim reference it with + this name. + properties: + name: + description: Name uniquely identifies this resource + claim inside the pod. This must be a DNS_LABEL. + type: string + source: + description: Source describes where to find the ResourceClaim. + properties: + resourceClaimName: + description: ResourceClaimName is the name of a + ResourceClaim object in the same namespace as + this pod. + type: string + resourceClaimTemplateName: + description: "ResourceClaimTemplateName is the name + of a ResourceClaimTemplate object in the same + namespace as this pod. \n The template will be + used to create a new ResourceClaim, which will + be bound to this pod. When this pod is deleted, + the ResourceClaim will also be deleted. The name + of the ResourceClaim will be -, where is the PodResourceClaim.Name. + Pod validation will reject the pod if the concatenated + name is not valid for a ResourceClaim (e.g. too + long). \n An existing ResourceClaim with that + name that is not owned by the pod will not be + used for the pod to avoid using an unrelated resource + by mistake. Scheduling and pod startup are then + blocked until the unrelated ResourceClaim is removed. + \n This field is immutable and no changes will + be made to the corresponding ResourceClaim by + the control plane after creating the ResourceClaim." + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + restartPolicy: + description: 'Restart policy for all containers within the + pod. One of Always, OnFailure, Never. Default to Always. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' + type: string + runtimeClassName: + description: 'RuntimeClassName refers to a RuntimeClass object + in the node.k8s.io group, which should be used to run this + pod. If no RuntimeClass resource matches the named class, + the pod will not be run. If unset or empty, the "legacy" + RuntimeClass will be used, which is an implicit class with + an empty definition that uses the default runtime handler. + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' + type: string + schedulerName: + description: If specified, the pod will be dispatched by specified + scheduler. If not specified, the pod will be dispatched + by default scheduler. + type: string + schedulingGates: + description: "SchedulingGates is an opaque list of values + that if specified will block scheduling the pod. More info: + \ https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. + \n This is an alpha-level feature enabled by PodSchedulingReadiness + feature gate." + items: + description: PodSchedulingGate is associated to a Pod to + guard its scheduling. + properties: + name: + description: Name of the scheduling gate. Each scheduling + gate must have a unique name field. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + securityContext: + description: 'SecurityContext holds pod-level security attributes + and common container settings. Optional: Defaults to empty. See + type description for default values of each field.' + properties: + fsGroup: + description: "A special supplemental group that applies + to all containers in a pod. Some volume types allow + the Kubelet to change the ownership of that volume to + be owned by the pod: \n 1. The owning GID will be the + FSGroup 2. The setgid bit is set (new files created + in the volume will be owned by FSGroup) 3. The permission + bits are OR'd with rw-rw---- \n If unset, the Kubelet + will not modify the ownership and permissions of any + volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of + changing ownership and permission of the volume before + being exposed inside Pod. This field will only apply + to volume types which support fsGroup based ownership(and + permissions). It will have no effect on ephemeral volume + types such as: secret, configmaps and emptydir. Valid + values are "OnRootMismatch" and "Always". If not specified, + "Always" is used. Note that this field cannot be set + when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be + set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as + a non-root user. If true, the Kubelet will validate + the image at runtime to ensure that it does not run + as UID 0 (root) and fail to start the container if it + does. If unset or false, no such validation will be + performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence + for that container. Note that this field cannot be set + when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all + containers. If unspecified, the container runtime will + allocate a random SELinux context for each container. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this + field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers + in this pod. Note that this field cannot be set when + spec.os.name is windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile + defined in a file on the node should be used. The + profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's + configured seccomp profile location. Must only be + set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp + profile will be applied. Valid options are: \n Localhost + - a profile defined in a file on the node should + be used. RuntimeDefault - the container runtime + default profile should be used. Unconfined - no + profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process + run in each container, in addition to the container's + primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container + process. If unspecified, no additional groups are added + to any container. Note that group memberships defined + in the container image for the uid of the container + process are still effective, even if they are not included + in this list. Note that this field cannot be set when + spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls + used for the pod. Pods with unsupported sysctls (by + the container runtime) might fail to launch. Note that + this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be + set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to + all containers. If unspecified, the options within a + container's SecurityContext will be used. If set in + both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA + admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec + named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of + the GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host Process' container. This + field is alpha-level and will only be honored by + components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature + flag will result in errors when validating the Pod. + All of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + serviceAccount: + description: 'DeprecatedServiceAccount is a depreciated alias + for ServiceAccountName. Deprecated: Use serviceAccountName + instead.' + type: string + serviceAccountName: + description: 'ServiceAccountName is the name of the ServiceAccount + to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + type: string + setHostnameAsFQDN: + description: If true the pod's hostname will be configured + as the pod's FQDN, rather than the leaf name (the default). + In Linux containers, this means setting the FQDN in the + hostname field of the kernel (the nodename field of struct + utsname). In Windows containers, this means setting the + registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. If a pod does not have FQDN, this has no effect. + Default to false. + type: boolean + shareProcessNamespace: + description: 'Share a single process namespace between all + of the containers in a pod. When this is set containers + will be able to view and signal processes from other containers + in the same pod, and the first process in each container + will not be assigned PID 1. HostPID and ShareProcessNamespace + cannot both be set. Optional: Default to false.' + type: boolean + subdomain: + description: If specified, the fully qualified Pod hostname + will be "...svc.". If not specified, the pod will not have a domainname + at all. + type: string + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs to + terminate gracefully. May be decreased in delete request. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). If this value is nil, the default grace period + will be used instead. The grace period is the duration in + seconds after the processes running in the pod are sent + a termination signal and the time when the processes are + forcibly halted with a kill signal. Set this value longer + than the expected cleanup time for your process. Defaults + to 30 seconds. + format: int64 + type: integer + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group + of pods ought to spread across topology domains. Scheduler + will schedule pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select the pods over which spreading will be calculated. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are ANDed with + labelSelector to select the group of existing pods + over which spreading will be calculated for the incoming + pod. Keys that don't exist in the incoming pod labels + will be ignored. A null or empty list means only match + against labelSelector. + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. The global minimum is the minimum + number of matching pods in an eligible domain or zero + if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to + 1, and pods with the same labelSelector spread as + 2/2/1: In this case, the global minimum is 1. | zone1 + | zone2 | zone3 | | P P | P P | P | - if MaxSkew + is 1, incoming pod can only be scheduled to zone3 + to become 2/2/2; scheduling it onto zone1(zone2) would + make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto + any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default value + is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number + of eligible domains. When the number of eligible domains + with matching topology keys is less than minDomains, + Pod Topology Spread treats \"global minimum\" as 0, + and then the calculation of Skew is performed. And + when the number of eligible domains with matching + topology keys equals or greater than minDomains, this + value has no effect on scheduling. As a result, when + the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to + those domains. If value is nil, the constraint behaves + as if MinDomains is equal to 1. Valid values are integers + greater than 0. When value is not nil, WhenUnsatisfiable + must be DoNotSchedule. \n For example, in a 3-zone + cluster, MaxSkew is set to 2, MinDomains is set to + 5 and pods with the same labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | | P P | P P | P P | + The number of domains is less than 5(MinDomains), + so \"global minimum\" is treated as 0. In this situation, + new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod + is scheduled to any of the three zones, it will violate + MaxSkew. \n This is a beta field and requires the + MinDomainsInPodTopologySpread feature gate to be enabled + (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will + treat Pod's nodeAffinity/nodeSelector when calculating + pod topology spread skew. Options are: - Honor: only + nodes matching nodeAffinity/nodeSelector are included + in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. + \n If this value is nil, the behavior is equivalent + to the Honor policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will + treat node taints when calculating pod topology spread + skew. Options are: - Honor: nodes without taints, + along with tainted nodes for which the incoming pod + has a toleration, are included. - Ignore: node taints + are ignored. All nodes are included. \n If this value + is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the + NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and try + to put balanced number of pods into each bucket. We + define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose + nodes meet the requirements of nodeAffinityPolicy + and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain + of that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving higher + precedence to topologies that would help reduce the + skew. A constraint is considered "Unsatisfiable" for + an incoming pod if and only if every possible node + assignment for that pod would violate "MaxSkew" on + some topology. For example, in a 3-zone cluster, MaxSkew + is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P + | P | P | If WhenUnsatisfiable is set to DoNotSchedule, + incoming pod can only be scheduled to zone2(zone3) + to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) + satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make + it *more* imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + description: 'List of volumes that can be mounted by containers + belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the + readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk + in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in + the blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure + managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is + a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default + is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is + reference to the authentication secret for User, + default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados + user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a + secret object containing parameters used to connect + to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed + to the associated CSI driver which will determine + the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default + is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The + size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified + here and the sum of memory limits of all containers + in a pod. The default is nil which means that + the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver + supports dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on + the connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used + to specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource + when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the + object from which to populate the volume + with data, if a non-empty volume is desired. + This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the dataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. When + namespace is specified in dataSourceRef, + dataSource isn''t set to the same value + and must be empty. There are three important + differences between dataSource and dataSourceRef: + * While dataSource only allows two specific + types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef + preserves all values, and generates an + error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note + that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. See + the ReferenceGrant documentation for + details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names + of resources, defined in spec.resourceClaims, + that are used by this container. \n + This is an alpha field and requires + enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the + name of one entry in pod.spec.resourceClaims + of the Pod where this field + is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name + of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide + identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: driver is the name of the driver to + use for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". The + default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is + reference to the secret object containing sensitive + information to pass to the plugin scripts. This + may be empty if no secret object is specified. + If the secret object contains more than one secret, + all secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset for + Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is + supplied, the volume directory will be the git + repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the + specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that + details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name + that uses an iSCSI transport. Defaults to 'default' + (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically TCP + ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port if + the port is other than default (typically TCP + ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path + are not affected by this setting. This might be + in conflict with other options that affect the + file mode, like fsGroup, and the result can be + other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about the + configMap data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced ConfigMap will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the + secret data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced Secret will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the Secret, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default + is no group + type: string + readOnly: + description: readOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default + is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default + is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Default + is "xfs". + type: string + gateway: + description: gateway is the host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the + ScaleIO Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL + communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that is + associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + racks: + description: A list of the named racks in the datacenter, representing + independent failure domains. The number of racks should match the + replication factor in the keyspaces you plan to create, and the + number of racks cannot easily be changed once a datacenter is deployed. + items: + description: Rack ... + properties: + affinity: + description: Affinity rules to set for this rack only. Merged + with values from PodTemplateSpec Affinity as well as NodeAffinityLabels. + If you wish to override all the default PodAntiAffinity rules, + set allowMultipleWorkers to true, otherwise defaults are applied + and then these Affinity settings are merged. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a + no-op). A null preferred scheduling term matches + no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range + 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an + update), the system may or may not try to eventually + evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. If + the operator is Gt or Lt, the values + array must have a single element, + which will be interpreted as an integer. + This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the + corresponding podAffinityTerm; the node(s) with the + highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range + 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a + pod label update), the system may or may not try to + eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or + not co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any + node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the greatest + sum of weights, i.e. for each node that meets all + of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if the + node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range + 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a + pod label update), the system may or may not try to + eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or + not co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any + node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified + namespaces, where co-located is defined as running + on a node whose value of the label with key + topologyKey matches that of any node on which + any of the selected pods is running. Empty topologyKey + is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + name: + description: The rack name + minLength: 2 + type: string + nodeAffinityLabels: + additionalProperties: + type: string + description: NodeAffinityLabels to pin the rack, using node + affinity + type: object + zone: + description: Deprecated. Use nodeAffinityLabels instead. DeprecatedZone + name to pin the rack, using node affinity + type: string + required: + - name + type: object + type: array + replaceNodes: + description: Deprecated Use CassandraTask replacenode to achieve correct + node replacement. A list of pod names that need to be replaced. + items: + type: string + type: array + resources: + description: Kubernetes resource requests and limits, per pod + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rollingRestartRequested: + description: Deprecated. Use CassandraTask for rolling restarts. Whether + to do a rolling restart at the next opportunity. The operator will + set this back to false once the restart is in progress. + type: boolean + serverImage: + description: 'Cassandra server image name. Use of ImageConfig to match + ServerVersion is recommended instead of this value. This value will + override anything set in the ImageConfig matching the ServerVersion + More info: https://kubernetes.io/docs/concepts/containers/images' + type: string + serverType: + description: 'Server type: "cassandra" or "dse"' + enum: + - cassandra + - dse + type: string + serverVersion: + description: Version string for config builder, used to generate Cassandra + server configuration + pattern: (6\.8\.\d+)|(3\.11\.\d+)|(4\.\d+\.\d+)|(5\.\d+\.\d+)|(7\.\d+\.\d+) + type: string + serviceAccount: + description: Deprecated DeprecatedServiceAccount Use ServiceAccountName + instead, which takes precedence. The k8s service account to use + for the server pods + type: string + serviceAccountName: + description: ServiceAccountName is the Kubernetes service account + to use for the server pods. This takes presedence over DeprecatedServiceAccount + and both take precedence over setting it in the PodTemplateSpec. + type: string + size: + description: Desired number of Cassandra server nodes + format: int32 + minimum: 1 + type: integer + stopped: + description: A stopped CassandraDatacenter will have no running server + pods, like using "stop" with traditional System V init scripts. + Other Kubernetes resources will be left intact, and volumes will + re-attach when the CassandraDatacenter workload is resumed. + type: boolean + storageConfig: + description: StorageConfig describes the persistent storage request + of each server node + properties: + additionalVolumes: + items: + description: AdditionalVolumes defines additional storage configurations + properties: + mountPath: + description: Mount path into cassandra container + type: string + name: + description: Name of the pvc / volume + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' + type: string + pvcSpec: + description: PVCSpec is a persistent volume claim spec. + Either this or VolumeSource is required. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified + data source, it will create a new volume based on + the contents of the specified data source. When the + AnyVolumeDataSource feature gate is enabled, dataSource + contents will be copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, then + dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both fields + are non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource and dataSourceRef) + will be set to the same value automatically if one + of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. There + are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is specified. + * While dataSource only allows local objects, dataSourceRef + allows objects in any namespaces. (Beta) Using this + field requires the AnyVolumeDataSource feature gate + to be enabled. (Alpha) Using the namespace field of + dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace is + specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace to + allow that namespace's owner to accept the reference. + See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but + must still be higher than capacity recorded in the + status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can + only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the + Pod where this field is used. It makes that + resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + volumeSource: + description: VolumeSource to mount the volume from (such + as ConfigMap / Secret). This or PVCSpec is required. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the + readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk + in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in + the blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure + managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is + a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default + is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is + reference to the authentication secret for User, + default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados + user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a + secret object containing parameters used to connect + to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed + to the associated CSI driver which will determine + the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default + is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The + size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified + here and the sum of memory limits of all containers + in a pod. The default is nil which means that + the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver + supports dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on + the connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used + to specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource + when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the + object from which to populate the volume + with data, if a non-empty volume is desired. + This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the dataSource field + and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. When + namespace is specified in dataSourceRef, + dataSource isn''t set to the same value + and must be empty. There are three important + differences between dataSource and dataSourceRef: + * While dataSource only allows two specific + types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef + preserves all values, and generates an + error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note + that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. See + the ReferenceGrant documentation for + details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names + of resources, defined in spec.resourceClaims, + that are used by this container. \n + This is an alpha field and requires + enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. + It can only be set for containers." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the + name of one entry in pod.spec.resourceClaims + of the Pod where this field + is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name + of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide + identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: driver is the name of the driver to + use for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". The + default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is + reference to the secret object containing sensitive + information to pass to the plugin scripts. This + may be empty if no secret object is specified. + If the secret object contains more than one secret, + all secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset for + Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is + supplied, the volume directory will be the git + repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the + specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that + details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name + that uses an iSCSI transport. Defaults to 'default' + (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically TCP + ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port if + the port is other than default (typically TCP + ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + description: 'nfs represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path + are not affected by this setting. This might be + in conflict with other options that affect the + file mode, like fsGroup, and the result can be + other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about the + configMap data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced ConfigMap will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the + secret data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced Secret will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the Secret, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default + is no group + type: string + readOnly: + description: readOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for + RBDUser. Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default + is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default + is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Default + is "xfs". + type: string + gateway: + description: gateway is the host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the + ScaleIO Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL + communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that is + associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + type: object + required: + - mountPath + - name + type: object + type: array + cassandraDataVolumeClaimSpec: + description: PersistentVolumeClaimSpec describes the common attributes + of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'accessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified data + source, it will create a new volume based on the contents + of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will be copied + to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not + be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from which + to populate the volume with data, if a non-empty volume + is desired. This may be any object from a non-empty API + group (non core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed + if the type of the specified object matches some installed + volume populator or dynamic provisioner. This field will + replace the functionality of the dataSource field and as + such if both fields are non-empty, they must have the same + value. For backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource and + dataSourceRef) will be set to the same value automatically + if one of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, + dataSourceRef allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and generates + an error if a disallowed value is specified. * While dataSource + only allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires the + AnyVolumeDataSource feature gate to be enabled. (Alpha) + Using the namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource being + referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object is + required in the referent namespace to allow that namespace's + owner to accept the reference. See the ReferenceGrant + documentation for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature gate to be + enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources the + volume should have. If RecoverVolumeExpansionFailure feature + is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher + than capacity recorded in the status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + type: object + superuserSecretName: + description: This secret defines the username and password for the + Cassandra server superuser. If it is omitted, we will generate a + secret instead. + type: string + systemLoggerImage: + description: Container image for the log tailing sidecar container. + Overrides value from ImageConfig SystemLoggerImage + type: string + systemLoggerResources: + description: Kubernetes resource requests and limits per system logger + container. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + tolerations: + description: Tolerations applied to the Cassandra pod. Note that these + cannot be overridden with PodTemplateSpec. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + users: + description: Cassandra users to bootstrap + items: + properties: + secretName: + type: string + superuser: + type: boolean + required: + - secretName + - superuser + type: object + type: array + required: + - clusterName + - serverType + - serverVersion + - size + - storageConfig + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: CassandraDatacenterStatus defines the observed state of CassandraDatacenter + properties: + cassandraOperatorProgress: + description: Last known progress state of the Cassandra Operator + type: string + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - message + - reason + - status + - type + type: object + type: array + datacenterName: + description: DatacenterName is the name of the override used for the + CassandraDatacenter This field is used to perform validation checks + preventing a user from changing the override + type: string + lastRollingRestart: + format: date-time + type: string + lastServerNodeStarted: + description: The timestamp when the operator last started a Server + node with the management API + format: date-time + type: string + nodeReplacements: + items: + type: string + type: array + nodeStatuses: + additionalProperties: + properties: + hostID: + type: string + type: object + type: object + observedGeneration: + format: int64 + type: integer + quietPeriod: + format: date-time + type: string + superUserUpserted: + description: Deprecated. Use usersUpserted instead. The timestamp + at which CQL superuser credentials were last upserted to the management + API + format: date-time + type: string + trackedTasks: + description: TrackedTasks tracks the tasks for completion that were + created by the cass-operator + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. --- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + usersUpserted: + description: The timestamp at which managed cassandra users' credentials + were last upserted to the management API + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + +--- +# Source: cass-operator/crds/cassandratasks.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: cassandratasks.control.k8ssandra.io +spec: + group: control.k8ssandra.io + names: + kind: CassandraTask + listKind: CassandraTaskList + plural: cassandratasks + singular: cassandratask + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Datacenter which the task targets + jsonPath: .spec.datacenter.name + name: Datacenter + type: string + - description: The job that is executed + jsonPath: .spec.jobs[0].command + name: Job + type: string + - description: When the execution of the task is allowed at earliest + jsonPath: .spec.scheduledTime + name: Scheduled + type: date + - description: When the execution of the task started + jsonPath: .status.startTime + name: Started + type: date + - description: When the execution of the task finished + jsonPath: .status.completionTime + name: Completed + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: CassandraTask is the Schema for the cassandrajobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CassandraTaskSpec defines the desired state of CassandraTask + properties: + concurrencyPolicy: + description: 'Specifics if this task can be run concurrently with + other active tasks. Valid values are: - "Allow": allows multiple + Tasks to run concurrently on Cassandra cluster - "Forbid" (default): + only a single task is executed at once The "Allow" property is only + valid if all the other active Tasks have "Allow" as well.' + type: string + datacenter: + description: Which datacenter this task is targetting. Note, this + must be a datacenter which the current cass-operator can access + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + jobs: + description: Jobs defines the jobs this task will execute (and their + order) + items: + properties: + args: + description: Arguments are additional parameters for the command + properties: + end_token: + type: string + jobs: + type: integer + keyspace_name: + type: string + new_tokens: + additionalProperties: + type: string + description: NewTokens is a map of pod names to their newly-assigned + tokens. Required for the move command, ignored otherwise. + Pods referenced in this map must exist; any existing pod + not referenced in this map will not be moved. + type: object + no_snapshot: + type: boolean + no_validate: + description: Scrub arguments + type: boolean + pod_name: + type: string + rack: + type: string + skip_corrupted: + type: boolean + source_datacenter: + type: string + split_output: + description: Compaction arguments + type: boolean + start_token: + type: string + tables: + items: + type: string + type: array + type: object + command: + description: Command defines what is run against Cassandra pods + type: string + name: + type: string + required: + - command + - name + type: object + type: array + restartPolicy: + description: RestartPolicy indicates the behavior n case of failure. + Default is Never. + type: string + scheduledTime: + description: ScheduledTime indicates the earliest possible time this + task is executed. This does not necessarily equal to the time it + is actually executed (if other tasks are blocking for example). + If not set, the task will be executed immediately. + format: date-time + type: string + ttlSecondsAfterFinished: + description: TTLSecondsAfterFinished defines how long the completed + job will kept before being cleaned up. If set to 0 the task will + not be cleaned up by the cass-operator. If unset, the default time + (86400s) is used. + format: int32 + type: integer + type: object + status: + description: CassandraTaskStatus defines the observed state of CassandraJob + properties: + active: + description: The number of actively running pods. + type: integer + completionTime: + description: Represents time when the job was completed. It is not + guaranteed to be set in happens-before order across separate operations. + It is represented in RFC3339 form and is in UTC. The completion + time is only set when the job finishes successfully. + format: date-time + type: string + conditions: + description: 'The latest available observations of an object''s current + state. When a Job fails, one of the conditions will have type "Failed" + and status true. When a Job is suspended, one of the conditions + will have type "Suspended" and status true; when the Job is resumed, + the status of this condition will become false. When a Job is completed, + one of the conditions will have type "Complete" and status true. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + failed: + description: The number of pods which reached phase Failed. + type: integer + startTime: + description: Represents time when the job controller started processing + a job. When a Job is created in the suspended state, this field + is not set until the first time it is resumed. This field is reset + every time a Job is resumed from suspension. It is represented in + RFC3339 form and is in UTC. + format: date-time + type: string + succeeded: + description: The number of pods which reached phase Succeeded. + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} + +--- +# Source: cass-operator/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cass-operator + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +secrets: + - name: cass-operator-token +--- +# Source: cass-operator/templates/configmap.yaml +kind: ConfigMap +metadata: + name: cass-operator-manager-config + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: config.k8ssandra.io/v1beta1 + kind: OperatorConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: :8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: b569adb7.cassandra.datastax.com + disableWebhooks: true + imageConfigFile: /configs/image_config.yaml + image_config.yaml: | + apiVersion: config.k8ssandra.io/v1beta1 + kind: ImageConfig + images: + system-logger: cr.k8ssandra.io/k8ssandra/system-logger:v1.19.0 + config-builder: cr.dtsx.io/datastax/cass-config-builder:1.0-ubi8 + k8ssandra-client: cr.k8ssandra.io/k8ssandra/k8ssandra-client:v0.2.2 + imagePullPolicy: IfNotPresent + defaults: + # Note, postfix is ignored if repository is not set + cassandra: + repository: "cr.k8ssandra.io/k8ssandra/cass-management-api" + suffix;: "-ubi8" + dse: + repository: "cr.dtsx.io/datastax/dse-mgmtapi-6_8" + suffix: "-ubi8" +--- +# Source: cass-operator/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cass-operator-cr + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +rules: + - apiGroups: + - "" + resources: + - nodes + - persistentvolumes + verbs: + - get + - list + - watch +--- +# Source: cass-operator/templates/clusterrolebinding.yaml +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: cass-operator-cr + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +subjects: + - kind: ServiceAccount + name: cass-operator + namespace: default +roleRef: + kind: ClusterRole + name: cass-operator-cr + apiGroup: rbac.authorization.k8s.io +--- +# Source: cass-operator/templates/leader_election_role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cass-operator-leader + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +rules: + - apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +# Source: cass-operator/templates/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cass-operator + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +rules: + - apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - cassandra.datastax.com + resources: + - cassandradatacenters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cassandra.datastax.com + resources: + - cassandradatacenters/finalizers + verbs: + - delete + - update + - apiGroups: + - cassandra.datastax.com + resources: + - cassandradatacenters/status + verbs: + - get + - patch + - update + - apiGroups: + - control.k8ssandra.io + resources: + - cassandratasks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - control.k8ssandra.io + resources: + - cassandratasks/finalizers + verbs: + - update + - apiGroups: + - control.k8ssandra.io + resources: + - cassandratasks/status + verbs: + - get + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - persistentvolumeclaims + - pods + - secrets + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - events + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +# Source: cass-operator/templates/leader_election_role_binding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cass-operator-leader + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cass-operator-leader +subjects: + - kind: ServiceAccount + name: cass-operator +--- +# Source: cass-operator/templates/rolebinding.yaml +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: cass-operator + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default +subjects: + - kind: ServiceAccount + name: cass-operator +roleRef: + kind: Role + name: cass-operator + apiGroup: rbac.authorization.k8s.io +--- +# Source: cass-operator/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cass-operator + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default + control-plane: cass-operator-controller-manager +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: cass-operator + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/part-of: k8ssandra-cass-operator-default + template: + metadata: + labels: + app.kubernetes.io/name: cass-operator + helm.sh/chart: cass-operator-0.47.0 + app.kubernetes.io/instance: cass-operator + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: k8ssandra-cass-operator-default + control-plane: cass-operator-controller-manager + spec: + serviceAccountName: cass-operator + securityContext: + {} + containers: + - name: cass-operator + args: + - --config=/configs/controller_manager_config.yaml + command: + - /manager + securityContext: + readOnlyRootFilesystem: true + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + image: cr.k8ssandra.io/k8ssandra/cass-operator:v1.19.0 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + name: metrics + protocol: TCP + volumeMounts: + - mountPath: /configs + name: manager-config + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + {} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumes: + - configMap: + name: cass-operator-manager-config + name: manager-config \ No newline at end of file diff --git a/data/k8ssandra_cass-operator/k8ssandra_seed_cr.yaml b/data/k8ssandra_cass-operator/k8ssandra_seed_cr.yaml new file mode 100644 index 0000000000..6608237203 --- /dev/null +++ b/data/k8ssandra_cass-operator/k8ssandra_seed_cr.yaml @@ -0,0 +1,28 @@ +apiVersion: cassandra.datastax.com/v1beta1 +kind: CassandraDatacenter +metadata: + name: test-cluster +spec: + clusterName: cluster1 + serverType: cassandra + serverVersion: 4.0.1 + managementApiAuth: + insecure: {} + size: 1 + storageConfig: + cassandraDataVolumeClaimSpec: + storageClassName: server-storage + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + config: + jvm-server-options: + initial_heap_size: "300m" + max_heap_size: "300m" + cassandra-yaml: + num_tokens: 16 + authenticator: PasswordAuthenticator + authorizer: CassandraAuthorizer + role_manager: CassandraRoleManager \ No newline at end of file diff --git a/data/k8ssandra_cass-operator/k8sssandra_config.json b/data/k8ssandra_cass-operator/k8sssandra_config.json new file mode 100644 index 0000000000..85aa81962d --- /dev/null +++ b/data/k8ssandra_cass-operator/k8sssandra_config.json @@ -0,0 +1,31 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "namespace": null, + "file": "k8sssandra_cass-operator/cert-manager.yaml" + } + }, + { + "wait": { + "duration": 10 + } + }, + { + "apply": { + "file": "k8sssandra_cass-operator/cass-crd.yaml", + "operator": true + } + }, + { + "wait": { + "duration": 10 + } + } + ] + }, + "crd_name": "cassandradatacenters.cassandra.datastax.com", + "seed_custom_resource": "k8sssandra_cass-operator/cr_sample.yaml", + "kubernetes_version": "v1.29.1" +} \ No newline at end of file From 8058d110fe98127d6119c1e288f181b0c9378c5a Mon Sep 17 00:00:00 2001 From: Tianyang Zhou Date: Sun, 17 Mar 2024 15:41:19 -0500 Subject: [PATCH 37/38] port zalando_postgres-operator (#362) --- .../acid.zalan.do_postgresqls.yaml | 4978 +++++++++++++++++ .../api-service.yaml | 12 + data/zalando_postgres-operator/configmap.yaml | 169 + data/zalando_postgres-operator/context.json | 978 ++++ .../operator-service-account-rbac.yaml | 290 + .../postgres-operator.yaml | 45 + .../zalando_postgres-operator-config.json | 39 + .../zalando_postgres-operator-cr.yaml | 21 + 8 files changed, 6532 insertions(+) create mode 100644 data/zalando_postgres-operator/acid.zalan.do_postgresqls.yaml create mode 100644 data/zalando_postgres-operator/api-service.yaml create mode 100644 data/zalando_postgres-operator/configmap.yaml create mode 100644 data/zalando_postgres-operator/context.json create mode 100644 data/zalando_postgres-operator/operator-service-account-rbac.yaml create mode 100644 data/zalando_postgres-operator/postgres-operator.yaml create mode 100644 data/zalando_postgres-operator/zalando_postgres-operator-config.json create mode 100644 data/zalando_postgres-operator/zalando_postgres-operator-cr.yaml diff --git a/data/zalando_postgres-operator/acid.zalan.do_postgresqls.yaml b/data/zalando_postgres-operator/acid.zalan.do_postgresqls.yaml new file mode 100644 index 0000000000..7bae45337c --- /dev/null +++ b/data/zalando_postgres-operator/acid.zalan.do_postgresqls.yaml @@ -0,0 +1,4978 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: postgresqls.acid.zalan.do +spec: + group: acid.zalan.do + names: + kind: postgresql + listKind: postgresqlList + plural: postgresqls + singular: postgresql + shortNames: + - pg + categories: + - all + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + additionalPrinterColumns: + - name: Team + type: string + description: Team responsible for Postgres cluster + jsonPath: .spec.teamId + - name: Version + type: string + description: PostgreSQL version + jsonPath: .spec.postgresql.version + - name: Pods + type: integer + description: Number of Pods per Postgres cluster + jsonPath: .spec.numberOfInstances + - name: Volume + type: string + description: Size of the bound volume + jsonPath: .spec.volume.size + - name: CPU-Request + type: string + description: Requested CPU for Postgres containers + jsonPath: .spec.resources.requests.cpu + - name: Memory-Request + type: string + description: Requested memory for Postgres containers + jsonPath: .spec.resources.requests.memory + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Current sync status of postgresql resource + jsonPath: .status.PostgresClusterStatus + schema: + openAPIV3Schema: + type: object + required: + - kind + - apiVersion + - spec + properties: + kind: + type: string + enum: + - postgresql + apiVersion: + type: string + enum: + - acid.zalan.do/v1 + spec: + type: object + required: + - numberOfInstances + - teamId + - postgresql + - volume + properties: + additionalVolumes: + type: array + items: + type: object + required: + - name + - mountPath + - volumeSource + properties: + name: + type: string + mountPath: + type: string + targetContainers: + type: array + nullable: true + items: + type: string + volumeSource: + description: Represents the source of a volume to mount. Only + one of its members may be specified. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in + the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the + blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure managed + data disk (only in managed availability set). defaults + to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host + that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is + the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is + empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user + name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in + cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. If a + key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver that + handles this volume. Consult with your admin for the + correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the + associated CSI driver which will determine the default + filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to + the secret object containing sensitive information + to pass to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the + secret object contains more than one secret, all secret + references are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. Consult + your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the + pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the + pod: only annotations, labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set + permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict with + other options that affect the file mode, like + fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must not + be absolute or contain the ''..'' path. Must + be utf-8 encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. The default is + "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The size + limit is also applicable for memory medium. The maximum + usage on memory medium EmptyDir would be the minimum + value between the SizeLimit specified here and the + sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is + tied to the pod that defines it - it will be created before + the pod starts, and deleted when the pod is removed. \n + Use this if: a) the volume is only needed while the pod + runs, b) features of normal volumes like restoring from + snapshot or capacity tracking are needed, c) the storage + driver is specified through a storage class, and d) the + storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for + more information on the connection between this volume + type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n + Use CSI for light-weight local ephemeral volumes if the + CSI driver is meant to be used that way - see the documentation + of the driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes at the + same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC + to provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the + PVC will be deleted together with the pod. The name + of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` + array entry. Pod validation will reject the pod if + the concatenated name is not valid for a PVC (for + example, too long). \n An existing PVC with that name + that is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated + PVC is removed. If such a pre-created PVC is meant + to be used by the pod, the PVC has to updated with + an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may + be useful when manually reconstructing a broken cluster. + \n This field is read-only and no changes will be + made by Kubernetes to the PVC after it has been created. + \n Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be rejected + during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the + PVC that gets created from this template. The + same fields as in a PersistentVolumeClaim are + also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, it + will create a new volume based on the contents + of the specified data source. If the AnyVolumeDataSource + feature gate is enabled, this field will always + have the same contents as the DataSourceRef + field.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may + be any local object from a non-empty API group + (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume + binding will only succeed if the type of the + specified object matches some installed volume + populator or dynamic provisioner. This field + will replace the functionality of the DataSource + field and as such if both fields are non-empty, + they must have the same value. For backwards + compatibility, both fields (DataSource and + DataSourceRef) will be set to the same value + automatically if one of them is empty and + the other is non-empty. There are two important + differences between DataSource and DataSourceRef: + * While DataSource only allows two specific + types of objects, DataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed + values (dropping them), DataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. (Beta) Using this field + requires the AnyVolumeDataSource feature gate + to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup + is not specified, the specified Kind must + be in the core API group. For any other + third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than + previous value but must still be higher than + capacity recorded in the status field of the + claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of + volume is required by the claim. Value of + Filesystem is implied when not included in + claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that + is attached to a kubelet's host machine and then exposed + to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use + for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if + no secret object is specified. If the secret object + contains more than one secret, all secrets are passed + to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an + InitContainer that clones the repo using git, then mount + the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, + the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on + the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or + directory on the host machine that is directly exposed + to the container. This is generally used for system agents + or other privileged things that are allowed to see the + host machine. Most containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host + directory mounts and who can/can not mount host directories + as read/write.' + properties: + path: + description: 'path of the directory on the host. If + the path is a symlink, it will follow the link to + the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that + is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that + uses an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports 860 + and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The + Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and + 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + description: 'nfs represents an NFS mount on the host that + shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of + the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to + mount Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this + setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along + with other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the + downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 + encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The kubelet + will start trying to rotate the token if + the token is older than 80 percent of its + time to live or if the token is older than + 24 hours.Defaults to 1 hour and must be + at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to + the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is + no group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults + to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string as + host:port pair (multiple entries are separated with + commas) which acts as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to + serivceaccount user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is + rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is + admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for + ScaleIO user and other sensitive information. If this + is not provided, Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in + conflict with other options that affect the file mode, + like fsGroup, and the result can be other mode bits + set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair + in the Data field of the referenced Secret will be + projected into the volume as a file whose name is + the key and content is the value. If specified, the + listed keys will be projected into the specified paths, + and unlisted keys will not be present. If a key is + specified which is not present in the Secret, the + volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used + to set permissions on this file. Must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal values + for mode bits. If not specified, the volume + defaultMode will be used. This might be in conflict + with other options that affect the file mode, + like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the + file to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in + the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for + obtaining the StorageOS API credentials. If not specified, + default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of + the StorageOS volume. Volume names are only unique + within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of + the volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows + the Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. Set + to "default" if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist within + StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + type: object + subPath: + type: string + allowedSourceRanges: + type: array + nullable: true + items: + type: string + pattern: '^(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\/(\d|[1-2]\d|3[0-2])$' + clone: + type: object + required: + - cluster + properties: + cluster: + type: string + s3_endpoint: + type: string + s3_access_key_id: + type: string + s3_secret_access_key: + type: string + s3_force_path_style: + type: boolean + s3_wal_path: + type: string + timestamp: + type: string + pattern: '^([0-9]+)-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])[Tt]([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9]|60)(\.[0-9]+)?(([+-]([01][0-9]|2[0-3]):[0-5][0-9]))$' + # The regexp matches the date-time format (RFC 3339 Section 5.6) that specifies a timezone as an offset relative to UTC + # Example: 1996-12-19T16:39:57-08:00 + # Note: this field requires a timezone + uid: + format: uuid + type: string + connectionPooler: + type: object + properties: + dockerImage: + type: string + maxDBConnections: + type: integer + mode: + type: string + enum: + - "session" + - "transaction" + numberOfInstances: + type: integer + minimum: 1 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '^(\d+m|\d+(\.\d{1,3})?)$' + memory: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + requests: + type: object + properties: + cpu: + type: string + pattern: '^(\d+m|\d+(\.\d{1,3})?)$' + memory: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + schema: + type: string + user: + type: string + databases: + type: object + additionalProperties: + type: string + # Note: usernames specified here as database owners must be declared in the users key of the spec key. + dockerImage: + type: string + enableConnectionPooler: + type: boolean + enableReplicaConnectionPooler: + type: boolean + enableLogicalBackup: + type: boolean + enableMasterLoadBalancer: + type: boolean + enableMasterPoolerLoadBalancer: + type: boolean + enableReplicaLoadBalancer: + type: boolean + enableReplicaPoolerLoadBalancer: + type: boolean + enableShmVolume: + type: boolean + env: + type: array + nullable: true + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using + the previously defined environment variables in the container + and any service environment variables. If a variable cannot + be resolved, the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the + string literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists or + not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot + be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + init_containers: + type: array + description: deprecated + nullable: true + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + initContainers: + type: array + nullable: true + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + logicalBackupSchedule: + type: string + pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$' + maintenanceWindows: + type: array + items: + type: string + pattern: '^\ *((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\d):([0-5]?\d)|(2[0-3]|[01]?\d):([0-5]?\d))-((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\d):([0-5]?\d)|(2[0-3]|[01]?\d):([0-5]?\d))\ *$' + masterServiceAnnotations: + type: object + additionalProperties: + type: string + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + required: + - preference + - weight + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + format: int32 + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + numberOfInstances: + type: integer + minimum: 0 + patroni: + type: object + properties: + failsafe_mode: + type: boolean + initdb: + type: object + additionalProperties: + type: string + loop_wait: + type: integer + maximum_lag_on_failover: + type: integer + pg_hba: + type: array + items: + type: string + retry_timeout: + type: integer + slots: + type: object + additionalProperties: + type: object + additionalProperties: + type: string + synchronous_mode: + type: boolean + synchronous_mode_strict: + type: boolean + synchronous_node_count: + type: integer + ttl: + type: integer + podAnnotations: + type: object + additionalProperties: + type: string + pod_priority_class_name: + type: string + description: deprecated + podPriorityClassName: + type: string + postgresql: + type: object + required: + - version + properties: + version: + type: string + enum: + - "10" + - "11" + - "12" + - "13" + - "14" + - "15" + parameters: + type: object + additionalProperties: + type: string + preparedDatabases: + type: object + additionalProperties: + type: object + properties: + defaultUsers: + type: boolean + extensions: + type: object + additionalProperties: + type: string + schemas: + type: object + additionalProperties: + type: object + properties: + defaultUsers: + type: boolean + defaultRoles: + type: boolean + secretNamespace: + type: string + replicaLoadBalancer: + type: boolean + description: deprecated + replicaServiceAnnotations: + type: object + additionalProperties: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + # Decimal natural followed by m, or decimal natural followed by + # dot followed by up to three decimal digits. + # + # This is because the Kubernetes CPU resource has millis as the + # maximum precision. The actual values are checked in code + # because the regular expression would be huge and horrible and + # not very helpful in validation error messages; this one checks + # only the format of the given number. + # + # https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#meaning-of-cpu + pattern: '^(\d+m|\d+(\.\d{1,3})?)$' + # Note: the value specified here must not be zero or be lower + # than the corresponding request. + memory: + type: string + # You can express memory as a plain integer or as a fixed-point + # integer using one of these suffixes: E, P, T, G, M, k. You can + # also use the power-of-two equivalents: Ei, Pi, Ti, Gi, Mi, Ki + # + # https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#meaning-of-memory + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + # Note: the value specified here must not be zero or be higher + # than the corresponding limit. + hugepages-2Mi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + hugepages-1Gi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + requests: + type: object + properties: + cpu: + type: string + pattern: '^(\d+m|\d+(\.\d{1,3})?)$' + memory: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + hugepages-2Mi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + hugepages-1Gi: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + schedulerName: + type: string + serviceAnnotations: + type: object + additionalProperties: + type: string + sidecars: + type: array + nullable: true + items: + description: Sidecar defines a container to be run in the same pod + as the Postgres container. + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + name: + type: string + ports: + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + resources: + description: Resources describes requests and limits for the + cluster resouces. + properties: + limits: + description: ResourceDescription describes CPU and memory + resources defined for a cluster. + properties: + cpu: + type: string + hugepages-1Gi: + type: string + hugepages-2Mi: + type: string + memory: + type: string + required: + - cpu + - hugepages-1Gi + - hugepages-2Mi + - memory + type: object + requests: + description: ResourceDescription describes CPU and memory + resources defined for a cluster. + properties: + cpu: + type: string + hugepages-1Gi: + type: string + hugepages-2Mi: + type: string + memory: + type: string + required: + - cpu + - hugepages-1Gi + - hugepages-2Mi + - memory + type: object + type: object + type: object + spiloRunAsUser: + type: integer + spiloRunAsGroup: + type: integer + spiloFSGroup: + type: integer + standby: + type: object + properties: + s3_wal_path: + type: string + gs_wal_path: + type: string + standby_host: + type: string + standby_port: + type: string + oneOf: + - required: + - s3_wal_path + - required: + - gs_wal_path + - required: + - standby_host + streams: + type: array + items: + type: object + required: + - applicationId + - database + - tables + properties: + applicationId: + type: string + batchSize: + type: integer + database: + type: string + enableRecovery: + type: boolean + filter: + type: object + additionalProperties: + type: string + tables: + type: object + additionalProperties: + type: object + required: + - eventType + properties: + eventType: + type: string + idColumn: + type: string + payloadColumn: + type: string + recoveryEventType: + type: string + teamId: + type: string + tls: + type: object + required: + - secretName + properties: + secretName: + type: string + certificateFile: + type: string + privateKeyFile: + type: string + caFile: + type: string + caSecretName: + type: string + tolerations: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + enum: + - Equal + - Exists + value: + type: string + effect: + type: string + enum: + - NoExecute + - NoSchedule + - PreferNoSchedule + tolerationSeconds: + type: integer + useLoadBalancer: + type: boolean + description: deprecated + users: + type: object + additionalProperties: + type: array + nullable: true + items: + type: string + enum: + - bypassrls + - BYPASSRLS + - nobypassrls + - NOBYPASSRLS + - createdb + - CREATEDB + - nocreatedb + - NOCREATEDB + - createrole + - CREATEROLE + - nocreaterole + - NOCREATEROLE + - inherit + - INHERIT + - noinherit + - NOINHERIT + - login + - LOGIN + - nologin + - NOLOGIN + - replication + - REPLICATION + - noreplication + - NOREPLICATION + - superuser + - SUPERUSER + - nosuperuser + - NOSUPERUSER + usersIgnoringSecretRotation: + type: array + nullable: true + items: + type: string + usersWithInPlaceSecretRotation: + type: array + nullable: true + items: + type: string + usersWithSecretRotation: + type: array + nullable: true + items: + type: string + volume: + type: object + required: + - size + properties: + iops: + type: integer + selector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + required: + - key + - operator + properties: + key: + type: string + operator: + type: string + enum: + - DoesNotExist + - Exists + - In + - NotIn + values: + type: array + items: + type: string + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + size: + type: string + pattern: '^(\d+(e\d+)?|\d+(\.\d+)?(e\d+)?[EPTGMK]i?)$' + # Note: the value specified here must not be zero. + storageClass: + type: string + subPath: + type: string + throughput: + type: integer + status: + type: object + additionalProperties: + type: string diff --git a/data/zalando_postgres-operator/api-service.yaml b/data/zalando_postgres-operator/api-service.yaml new file mode 100644 index 0000000000..616448177c --- /dev/null +++ b/data/zalando_postgres-operator/api-service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: postgres-operator +spec: + type: ClusterIP + ports: + - port: 8080 + protocol: TCP + targetPort: 8080 + selector: + name: postgres-operator diff --git a/data/zalando_postgres-operator/configmap.yaml b/data/zalando_postgres-operator/configmap.yaml new file mode 100644 index 0000000000..6a10ade2cf --- /dev/null +++ b/data/zalando_postgres-operator/configmap.yaml @@ -0,0 +1,169 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgres-operator +data: + # additional_owner_roles: "cron_admin" + # additional_pod_capabilities: "SYS_NICE" + # additional_secret_mount: "some-secret-name" + # additional_secret_mount_path: "/some/dir" + api_port: "8080" + aws_region: eu-central-1 + cluster_domain: cluster.local + cluster_history_entries: "1000" + cluster_labels: application:spilo + cluster_name_label: cluster-name + connection_pooler_default_cpu_limit: "1" + connection_pooler_default_cpu_request: "500m" + connection_pooler_default_memory_limit: 100Mi + connection_pooler_default_memory_request: 100Mi + connection_pooler_image: "registry.opensource.zalan.do/acid/pgbouncer:master-32" + # connection_pooler_max_db_connections: 60 + # connection_pooler_mode: "transaction" + # connection_pooler_number_of_instances: 2 + # connection_pooler_schema: "pooler" + # connection_pooler_user: "pooler" + crd_categories: "all" + # custom_service_annotations: "keyx:valuez,keya:valuea" + # custom_pod_annotations: "keya:valuea,keyb:valueb" + db_hosted_zone: db.example.com + debug_logging: "true" + default_cpu_limit: "1" + default_cpu_request: 100m + default_memory_limit: 500Mi + default_memory_request: 100Mi + # delete_annotation_date_key: delete-date + # delete_annotation_name_key: delete-clustername + docker_image: ghcr.io/zalando/spilo-15:3.0-p1 + # downscaler_annotations: "deployment-time,downscaler/*" + # enable_admin_role_for_users: "true" + # enable_crd_registration: "true" + # enable_cross_namespace_secret: "false" + enable_finalizers: "false" + # enable_database_access: "true" + enable_ebs_gp3_migration: "false" + # enable_ebs_gp3_migration_max_size: "1000" + # enable_init_containers: "true" + # enable_lazy_spilo_upgrade: "false" + enable_master_load_balancer: "false" + enable_master_pooler_load_balancer: "false" + enable_password_rotation: "false" + enable_patroni_failsafe_mode: "false" + enable_pgversion_env_var: "true" + # enable_pod_antiaffinity: "false" + # enable_pod_disruption_budget: "true" + # enable_postgres_team_crd: "false" + # enable_postgres_team_crd_superusers: "false" + enable_readiness_probe: "false" + enable_replica_load_balancer: "false" + enable_replica_pooler_load_balancer: "false" + # enable_shm_volume: "true" + # enable_sidecars: "true" + enable_spilo_wal_path_compat: "true" + enable_team_id_clustername_prefix: "false" + enable_team_member_deprecation: "false" + # enable_team_superuser: "false" + enable_teams_api: "false" + # etcd_host: "" + external_traffic_policy: "Cluster" + # gcp_credentials: "" + # ignored_annotations: "" + # infrastructure_roles_secret_name: "postgresql-infrastructure-roles" + # infrastructure_roles_secrets: "secretname:monitoring-roles,userkey:user,passwordkey:password,rolekey:inrole" + # ignore_instance_limits_annotation_key: "" + # inherited_annotations: owned-by + # inherited_labels: application,environment + # kube_iam_role: "" + # kubernetes_use_configmaps: "false" + # log_s3_bucket: "" + # logical_backup_azure_storage_account_name: "" + # logical_backup_azure_storage_container: "" + # logical_backup_azure_storage_account_key: "" + # logical_backup_cpu_limit: "" + # logical_backup_cpu_request: "" + logical_backup_docker_image: "registry.opensource.zalan.do/acid/logical-backup:v1.10.1" + # logical_backup_google_application_credentials: "" + logical_backup_job_prefix: "logical-backup-" + # logical_backup_memory_limit: "" + # logical_backup_memory_request: "" + logical_backup_provider: "s3" + # logical_backup_s3_access_key_id: "" + logical_backup_s3_bucket: "my-bucket-url" + # logical_backup_s3_region: "" + # logical_backup_s3_endpoint: "" + # logical_backup_s3_secret_access_key: "" + logical_backup_s3_sse: "AES256" + # logical_backup_s3_retention_time: "" + logical_backup_schedule: "30 00 * * *" + # logical_backup_cronjob_environment_secret: "" + major_version_upgrade_mode: "manual" + # major_version_upgrade_team_allow_list: "" + master_dns_name_format: "{cluster}.{namespace}.{hostedzone}" + # master_legacy_dns_name_format: "{cluster}.{team}.{hostedzone}" + # master_pod_move_timeout: 20m + # max_instances: "-1" + # min_instances: "-1" + # max_cpu_request: "1" + # max_memory_request: 4Gi + # min_cpu_limit: 250m + # min_memory_limit: 250Mi + # minimal_major_version: "11" + # node_readiness_label: "status:ready" + # node_readiness_label_merge: "OR" + # oauth_token_secret_name: postgresql-operator + # pam_configuration: | + # https://info.example.com/oauth2/tokeninfo?access_token= uid realm=/employees + # pam_role_name: zalandos + patroni_api_check_interval: "1s" + patroni_api_check_timeout: "5s" + # password_rotation_interval: "90" + # password_rotation_user_retention: "180" + pdb_name_format: "postgres-{cluster}-pdb" + persistent_volume_claim_retention_policy: "when_deleted:retain,when_scaled:retain" + # pod_antiaffinity_preferred_during_scheduling: "false" + # pod_antiaffinity_topology_key: "kubernetes.io/hostname" + pod_deletion_wait_timeout: 10m + # pod_environment_configmap: "default/my-custom-config" + # pod_environment_secret: "my-custom-secret" + pod_label_wait_timeout: 10m + pod_management_policy: "ordered_ready" + # pod_priority_class_name: "postgres-pod-priority" + pod_role_label: spilo-role + # pod_service_account_definition: "" + pod_service_account_name: "postgres-pod" + # pod_service_account_role_binding_definition: "" + pod_terminate_grace_period: 5m + # postgres_superuser_teams: "postgres_superusers" + # protected_role_names: "admin,cron_admin" + ready_wait_interval: 3s + ready_wait_timeout: 30s + repair_period: 5m + replica_dns_name_format: "{cluster}-repl.{namespace}.{hostedzone}" + # replica_legacy_dns_name_format: "{cluster}-repl.{team}.{hostedzone}" + replication_username: standby + resource_check_interval: 3s + resource_check_timeout: 10m + resync_period: 30m + ring_log_lines: "100" + role_deletion_suffix: "_deleted" + secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}" + share_pgsocket_with_sidecars: "false" + # sidecar_docker_images: "" + # set_memory_request_to_limit: "false" + spilo_allow_privilege_escalation: "true" + # spilo_runasuser: 101 + # spilo_runasgroup: 103 + # spilo_fsgroup: 103 + spilo_privileged: "false" + storage_resize_mode: "pvc" + super_username: postgres + # target_major_version: "15" + # team_admin_role: "admin" + # team_api_role_configuration: "log_statement:all" + # teams_api_url: http://fake-teams-api.default.svc.cluster.local + # toleration: "key:db-only,operator:Exists,effect:NoSchedule" + # wal_az_storage_account: "" + # wal_gs_bucket: "" + # wal_s3_bucket: "" + watched_namespace: "*" # listen to all namespaces + workers: "8" diff --git a/data/zalando_postgres-operator/context.json b/data/zalando_postgres-operator/context.json new file mode 100644 index 0000000000..6d0f926513 --- /dev/null +++ b/data/zalando_postgres-operator/context.json @@ -0,0 +1,978 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "creationTimestamp": "2024-02-23T20:11:49Z", + "generation": 2, + "name": "postgresqls.acid.zalan.do", + "resourceVersion": "675", + "uid": "4ea4947f-12b7-45b1-831c-47f619300721" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "acid.zalan.do", + "names": { + "categories": [ + "all" + ], + "kind": "postgresql", + "listKind": "postgresqlList", + "plural": "postgresqls", + "shortNames": [ + "pg" + ], + "singular": "postgresql" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "description": "Team responsible for Postgres cluster", + "jsonPath": ".spec.teamId", + "name": "Team", + "type": "string" + }, + { + "description": "PostgreSQL version", + "jsonPath": ".spec.postgresql.version", + "name": "Version", + "type": "string" + }, + { + "description": "Number of Pods per Postgres cluster", + "jsonPath": ".spec.numberOfInstances", + "name": "Pods", + "type": "integer" + }, + { + "description": "Size of the bound volume", + "jsonPath": ".spec.volume.size", + "name": "Volume", + "type": "string" + }, + { + "description": "Requested CPU for Postgres containers", + "jsonPath": ".spec.resources.requests.cpu", + "name": "CPU-Request", + "type": "string" + }, + { + "description": "Requested memory for Postgres containers", + "jsonPath": ".spec.resources.requests.memory", + "name": "Memory-Request", + "type": "string" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + }, + { + "description": "Current sync status of postgresql resource", + "jsonPath": ".status.PostgresClusterStatus", + "name": "Status", + "type": "string" + } + ], + "name": "v1", + "schema": { + "openAPIV3Schema": { + "properties": { + "apiVersion": { + "enum": [ + "acid.zalan.do/v1" + ], + "type": "string" + }, + "kind": { + "enum": [ + "postgresql" + ], + "type": "string" + }, + "spec": { + "properties": { + "additionalVolumes": { + "items": { + "properties": { + "mountPath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "subPath": { + "type": "string" + }, + "targetContainers": { + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "volumeSource": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "name", + "mountPath", + "volumeSource" + ], + "type": "object" + }, + "type": "array" + }, + "allowedSourceRanges": { + "items": { + "pattern": "^(\\d|[1-9]\\d|1\\d\\d|2[0-4]\\d|25[0-5])\\.(\\d|[1-9]\\d|1\\d\\d|2[0-4]\\d|25[0-5])\\.(\\d|[1-9]\\d|1\\d\\d|2[0-4]\\d|25[0-5])\\.(\\d|[1-9]\\d|1\\d\\d|2[0-4]\\d|25[0-5])\\/(\\d|[1-2]\\d|3[0-2])$", + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "clone": { + "properties": { + "cluster": { + "type": "string" + }, + "s3_access_key_id": { + "type": "string" + }, + "s3_endpoint": { + "type": "string" + }, + "s3_force_path_style": { + "type": "boolean" + }, + "s3_secret_access_key": { + "type": "string" + }, + "s3_wal_path": { + "type": "string" + }, + "timestamp": { + "pattern": "^([0-9]+)-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])[Tt]([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9]|60)(\\.[0-9]+)?(([+-]([01][0-9]|2[0-3]):[0-5][0-9]))$", + "type": "string" + }, + "uid": { + "format": "uuid", + "type": "string" + } + }, + "required": [ + "cluster" + ], + "type": "object" + }, + "connectionPooler": { + "properties": { + "dockerImage": { + "type": "string" + }, + "maxDBConnections": { + "type": "integer" + }, + "mode": { + "enum": [ + "session", + "transaction" + ], + "type": "string" + }, + "numberOfInstances": { + "minimum": 1, + "type": "integer" + }, + "resources": { + "properties": { + "limits": { + "properties": { + "cpu": { + "pattern": "^(\\d+m|\\d+(\\.\\d{1,3})?)$", + "type": "string" + }, + "memory": { + "pattern": "^(\\d+(e\\d+)?|\\d+(\\.\\d+)?(e\\d+)?[EPTGMK]i?)$", + "type": "string" + } + }, + "type": "object" + }, + "requests": { + "properties": { + "cpu": { + "pattern": "^(\\d+m|\\d+(\\.\\d{1,3})?)$", + "type": "string" + }, + "memory": { + "pattern": "^(\\d+(e\\d+)?|\\d+(\\.\\d+)?(e\\d+)?[EPTGMK]i?)$", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "schema": { + "type": "string" + }, + "user": { + "type": "string" + } + }, + "type": "object" + }, + "databases": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "dockerImage": { + "type": "string" + }, + "enableConnectionPooler": { + "type": "boolean" + }, + "enableLogicalBackup": { + "type": "boolean" + }, + "enableMasterLoadBalancer": { + "type": "boolean" + }, + "enableMasterPoolerLoadBalancer": { + "type": "boolean" + }, + "enableReplicaConnectionPooler": { + "type": "boolean" + }, + "enableReplicaLoadBalancer": { + "type": "boolean" + }, + "enableReplicaPoolerLoadBalancer": { + "type": "boolean" + }, + "enableShmVolume": { + "type": "boolean" + }, + "env": { + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "nullable": true, + "type": "array" + }, + "initContainers": { + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "nullable": true, + "type": "array" + }, + "init_containers": { + "description": "deprecated", + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "nullable": true, + "type": "array" + }, + "logicalBackupSchedule": { + "pattern": "^(\\d+|\\*)(/\\d+)?(\\s+(\\d+|\\*)(/\\d+)?){4}$", + "type": "string" + }, + "maintenanceWindows": { + "items": { + "pattern": "^\\ *((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\\d):([0-5]?\\d)|(2[0-3]|[01]?\\d):([0-5]?\\d))-((Mon|Tue|Wed|Thu|Fri|Sat|Sun):(2[0-3]|[01]?\\d):([0-5]?\\d)|(2[0-3]|[01]?\\d):([0-5]?\\d))\\ *$", + "type": "string" + }, + "type": "array" + }, + "masterServiceAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object" + } + }, + "type": "object" + }, + "numberOfInstances": { + "minimum": 0, + "type": "integer" + }, + "patroni": { + "properties": { + "failsafe_mode": { + "type": "boolean" + }, + "initdb": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "loop_wait": { + "type": "integer" + }, + "maximum_lag_on_failover": { + "type": "integer" + }, + "pg_hba": { + "items": { + "type": "string" + }, + "type": "array" + }, + "retry_timeout": { + "type": "integer" + }, + "slots": { + "additionalProperties": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "type": "object" + }, + "synchronous_mode": { + "type": "boolean" + }, + "synchronous_mode_strict": { + "type": "boolean" + }, + "synchronous_node_count": { + "type": "integer" + }, + "ttl": { + "type": "integer" + } + }, + "type": "object" + }, + "podAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "podPriorityClassName": { + "type": "string" + }, + "pod_priority_class_name": { + "description": "deprecated", + "type": "string" + }, + "postgresql": { + "properties": { + "parameters": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "version": { + "enum": [ + "10", + "11", + "12", + "13", + "14", + "15" + ], + "type": "string" + } + }, + "required": [ + "version" + ], + "type": "object" + }, + "preparedDatabases": { + "additionalProperties": { + "properties": { + "defaultUsers": { + "type": "boolean" + }, + "extensions": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "schemas": { + "additionalProperties": { + "properties": { + "defaultRoles": { + "type": "boolean" + }, + "defaultUsers": { + "type": "boolean" + } + }, + "type": "object" + }, + "type": "object" + }, + "secretNamespace": { + "type": "string" + } + }, + "type": "object" + }, + "type": "object" + }, + "replicaLoadBalancer": { + "description": "deprecated", + "type": "boolean" + }, + "replicaServiceAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "resources": { + "properties": { + "limits": { + "properties": { + "cpu": { + "pattern": "^(\\d+m|\\d+(\\.\\d{1,3})?)$", + "type": "string" + }, + "memory": { + "pattern": "^(\\d+(e\\d+)?|\\d+(\\.\\d+)?(e\\d+)?[EPTGMK]i?)$", + "type": "string" + } + }, + "type": "object" + }, + "requests": { + "properties": { + "cpu": { + "pattern": "^(\\d+m|\\d+(\\.\\d{1,3})?)$", + "type": "string" + }, + "memory": { + "pattern": "^(\\d+(e\\d+)?|\\d+(\\.\\d+)?(e\\d+)?[EPTGMK]i?)$", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "schedulerName": { + "type": "string" + }, + "serviceAnnotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "sidecars": { + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "nullable": true, + "type": "array" + }, + "spiloFSGroup": { + "type": "integer" + }, + "spiloRunAsGroup": { + "type": "integer" + }, + "spiloRunAsUser": { + "type": "integer" + }, + "standby": { + "oneOf": [ + { + "required": [ + "s3_wal_path" + ] + }, + { + "required": [ + "gs_wal_path" + ] + }, + { + "required": [ + "standby_host" + ] + } + ], + "properties": { + "gs_wal_path": { + "type": "string" + }, + "s3_wal_path": { + "type": "string" + }, + "standby_host": { + "type": "string" + }, + "standby_port": { + "type": "string" + } + }, + "type": "object" + }, + "streams": { + "items": { + "properties": { + "applicationId": { + "type": "string" + }, + "batchSize": { + "type": "integer" + }, + "database": { + "type": "string" + }, + "filter": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "tables": { + "additionalProperties": { + "properties": { + "eventType": { + "type": "string" + }, + "idColumn": { + "type": "string" + }, + "payloadColumn": { + "type": "string" + } + }, + "required": [ + "eventType" + ], + "type": "object" + }, + "type": "object" + } + }, + "required": [ + "applicationId", + "database", + "tables" + ], + "type": "object" + }, + "type": "array" + }, + "teamId": { + "type": "string" + }, + "tls": { + "properties": { + "caFile": { + "type": "string" + }, + "caSecretName": { + "type": "string" + }, + "certificateFile": { + "type": "string" + }, + "privateKeyFile": { + "type": "string" + }, + "secretName": { + "type": "string" + } + }, + "required": [ + "secretName" + ], + "type": "object" + }, + "tolerations": { + "items": { + "properties": { + "effect": { + "enum": [ + "NoExecute", + "NoSchedule", + "PreferNoSchedule" + ], + "type": "string" + }, + "key": { + "type": "string" + }, + "operator": { + "enum": [ + "Equal", + "Exists" + ], + "type": "string" + }, + "tolerationSeconds": { + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "useLoadBalancer": { + "description": "deprecated", + "type": "boolean" + }, + "users": { + "additionalProperties": { + "items": { + "enum": [ + "bypassrls", + "BYPASSRLS", + "nobypassrls", + "NOBYPASSRLS", + "createdb", + "CREATEDB", + "nocreatedb", + "NOCREATEDB", + "createrole", + "CREATEROLE", + "nocreaterole", + "NOCREATEROLE", + "inherit", + "INHERIT", + "noinherit", + "NOINHERIT", + "login", + "LOGIN", + "nologin", + "NOLOGIN", + "replication", + "REPLICATION", + "noreplication", + "NOREPLICATION", + "superuser", + "SUPERUSER", + "nosuperuser", + "NOSUPERUSER" + ], + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "type": "object" + }, + "usersWithInPlaceSecretRotation": { + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "usersWithSecretRotation": { + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "volume": { + "properties": { + "iops": { + "type": "integer" + }, + "selector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "enum": [ + "DoesNotExist", + "Exists", + "In", + "NotIn" + ], + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array" + }, + "matchLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "size": { + "pattern": "^(\\d+(e\\d+)?|\\d+(\\.\\d+)?(e\\d+)?[EPTGMK]i?)$", + "type": "string" + }, + "storageClass": { + "type": "string" + }, + "subPath": { + "type": "string" + }, + "throughput": { + "type": "integer" + } + }, + "required": [ + "size" + ], + "type": "object" + } + }, + "required": [ + "numberOfInstances", + "teamId", + "postgresql", + "volume" + ], + "type": "object" + }, + "status": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "required": [ + "kind", + "apiVersion", + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "categories": [ + "all" + ], + "kind": "postgresql", + "listKind": "postgresqlList", + "plural": "postgresqls", + "shortNames": [ + "pg" + ], + "singular": "postgresql" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-23T20:11:49Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-23T20:11:49Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1" + ] + } + }, + "group": "acid.zalan.do", + "plural": "postgresqls", + "version": "v1" + }, + "learnrun_time": 242.06629610061646, + "namespace": "acto-namespace", + "preload_images": [ + "ghcr.io/zalando/spilo-15:3.0-p1", + "registry.opensource.zalan.do/acid/postgres-operator:v1.10.1" + ], + "static_analysis_time": 5.4836273193359375e-06 +} \ No newline at end of file diff --git a/data/zalando_postgres-operator/operator-service-account-rbac.yaml b/data/zalando_postgres-operator/operator-service-account-rbac.yaml new file mode 100644 index 0000000000..adc7e4edf0 --- /dev/null +++ b/data/zalando_postgres-operator/operator-service-account-rbac.yaml @@ -0,0 +1,290 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: postgres-operator + # namespace: acto-namespace + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: postgres-operator +rules: +# all verbs allowed for custom operator resources +- apiGroups: + - acid.zalan.do + resources: + - postgresqls + - postgresqls/status + - operatorconfigurations + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +# operator only reads PostgresTeams +- apiGroups: + - acid.zalan.do + resources: + - postgresteams + verbs: + - get + - list + - watch +# all verbs allowed for event streams (Zalando-internal feature) +# - apiGroups: +# - zalando.org +# resources: +# - fabriceventstreams +# verbs: +# - create +# - delete +# - deletecollection +# - get +# - list +# - patch +# - update +# - watch +# to create or get/update CRDs when starting up +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - patch + - update +# to read configuration from ConfigMaps +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get +# to send events to the CRs +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - update + - watch +# to manage endpoints which are also used by Patroni +- apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +# to CRUD secrets for database access +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - update +# to check nodes for node readiness label +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +# to read or delete existing PVCs. Creation via StatefulSet +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - delete + - get + - list + - patch + - update + # to read existing PVs. Creation should be done via dynamic provisioning +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - update # only for resizing AWS volumes +# to watch Spilo pods and do rolling updates. Creation via StatefulSet +- apiGroups: + - "" + resources: + - pods + verbs: + - delete + - get + - list + - patch + - update + - watch +# to resize the filesystem in Spilo pods when increasing volume size +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create +# to CRUD services to point to Postgres cluster instances +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - patch + - update +# to CRUD the StatefulSet which controls the Postgres cluster instances +- apiGroups: + - apps + resources: + - statefulsets + - deployments + verbs: + - create + - delete + - get + - list + - patch +# to CRUD cron jobs for logical backups +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update +# to get namespaces operator resources can run in +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +# to define PDBs. Update happens via delete/create +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get +# to create ServiceAccounts in each namespace the operator watches +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create +# to create role bindings to the postgres-pod service account +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - get + - create +# to grant privilege to run privileged pods (not needed by default) +#- apiGroups: +# - extensions +# resources: +# - podsecuritypolicies +# resourceNames: +# - privileged +# verbs: +# - use + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: postgres-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: postgres-operator +subjects: +- kind: ServiceAccount + name: postgres-operator + namespace: acto-namespace + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: postgres-pod +rules: +# Patroni needs to watch and manage endpoints +- apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +# Patroni needs to watch pods +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - patch + - update + - watch +# to let Patroni create a headless service +- apiGroups: + - "" + resources: + - services + verbs: + - create +# to grant privilege to run privileged pods (not needed by default) +#- apiGroups: +# - extensions +# resources: +# - podsecuritypolicies +# resourceNames: +# - privileged +# verbs: +# - use diff --git a/data/zalando_postgres-operator/postgres-operator.yaml b/data/zalando_postgres-operator/postgres-operator.yaml new file mode 100644 index 0000000000..0ea7e32032 --- /dev/null +++ b/data/zalando_postgres-operator/postgres-operator.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres-operator + labels: + application: postgres-operator +spec: + replicas: 1 + strategy: + type: "Recreate" + selector: + matchLabels: + name: postgres-operator + template: + metadata: + labels: + name: postgres-operator + spec: + serviceAccountName: postgres-operator + containers: + - name: postgres-operator + image: registry.opensource.zalan.do/acid/postgres-operator:v1.10.1 + imagePullPolicy: IfNotPresent + resources: + requests: + cpu: 100m + memory: 250Mi + limits: + cpu: 500m + memory: 500Mi + securityContext: + runAsUser: 1000 + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + env: + # provided additional ENV vars can overwrite individual config map entries + - name: CONFIG_MAP_NAME + value: "postgres-operator" + # In order to use the CRD OperatorConfiguration instead, uncomment these lines and comment out the two lines above + # - name: POSTGRES_OPERATOR_CONFIGURATION_OBJECT + # value: postgresql-operator-default-configuration + # Define an ID to isolate controllers from each other + # - name: CONTROLLER_ID + # value: "second-operator" diff --git a/data/zalando_postgres-operator/zalando_postgres-operator-config.json b/data/zalando_postgres-operator/zalando_postgres-operator-config.json new file mode 100644 index 0000000000..cce1fdbb72 --- /dev/null +++ b/data/zalando_postgres-operator/zalando_postgres-operator-config.json @@ -0,0 +1,39 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/zalando_postgres-operator/acid.zalan.do_postgresqls.yaml", + "namespace": "acto-namespace" + } + }, + { + "apply": { + "file": "data/zalando_postgres-operator/configmap.yaml", + "namespace": "acto-namespace" + } + }, + { + "apply": { + "file": "data/zalando_postgres-operator/operator-service-account-rbac.yaml", + "namespace": "acto-namespace" + } + }, + { + "apply": { + "file": "data/zalando_postgres-operator/postgres-operator.yaml", + "operator": true, + "namespace": "acto-namespace" + } + }, + { + "apply": { + "file": "data/zalando_postgres-operator/api-service.yaml", + "namespace": "acto-namespace" + } + } + ] + }, + "crd_name": "postgresqls.acid.zalan.do", + "seed_custom_resource": "data/zalando_postgres-operator/zalando_postgres-operator-cr.yaml" +} diff --git a/data/zalando_postgres-operator/zalando_postgres-operator-cr.yaml b/data/zalando_postgres-operator/zalando_postgres-operator-cr.yaml new file mode 100644 index 0000000000..884f42b261 --- /dev/null +++ b/data/zalando_postgres-operator/zalando_postgres-operator-cr.yaml @@ -0,0 +1,21 @@ +apiVersion: "acid.zalan.do/v1" +kind: postgresql +metadata: + name: test-cluster + namespace: acto-namespace +spec: + teamId: "acid" + volume: + size: 1Gi + numberOfInstances: 2 + users: + zalando: # database owner + - superuser + - createdb + foo_user: [] # role for application foo + databases: + foo: zalando # dbname: owner + preparedDatabases: + bar: {} + postgresql: + version: "15" From fce3e392e9f62ec4eb1012c4f15dffefb5b02c72 Mon Sep 17 00:00:00 2001 From: Xinze Zheng <112009367+xinze-zheng@users.noreply.github.com> Date: Sun, 17 Mar 2024 20:41:42 +0000 Subject: [PATCH 38/38] Port clickhouse, didn't rename files because no one else is working on clickhouse (#363) --- data/clickhouse-operator/config.json | 21 + data/clickhouse-operator/context.json | 1974 ++++++++++++ data/clickhouse-operator/cr.yaml | 37 + data/clickhouse-operator/operator.yaml | 3878 +++++++++++++++++++++++ data/clickhouse-operator/zookeeper.yaml | 289 ++ 5 files changed, 6199 insertions(+) create mode 100644 data/clickhouse-operator/config.json create mode 100644 data/clickhouse-operator/context.json create mode 100644 data/clickhouse-operator/cr.yaml create mode 100644 data/clickhouse-operator/operator.yaml create mode 100644 data/clickhouse-operator/zookeeper.yaml diff --git a/data/clickhouse-operator/config.json b/data/clickhouse-operator/config.json new file mode 100644 index 0000000000..36a5caf166 --- /dev/null +++ b/data/clickhouse-operator/config.json @@ -0,0 +1,21 @@ +{ + "deploy": { + "steps": [ + { + "apply": { + "file": "data/clickhouse-operator/zookeeper.yaml", + "namespace": "zoo3ns" + } + }, + { + "apply": { + "file": "data/clickhouse-operator/operator.yaml", + "operator_container_name": "clickhouse-operator", + "operator": true + } + } + ] + }, + "crd_name": "clickhouseinstallations.clickhouse.altinity.com", + "seed_custom_resource": "data/clickhouse-operator/cr.yaml" +} \ No newline at end of file diff --git a/data/clickhouse-operator/context.json b/data/clickhouse-operator/context.json new file mode 100644 index 0000000000..1b9180b23f --- /dev/null +++ b/data/clickhouse-operator/context.json @@ -0,0 +1,1974 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "creationTimestamp": "2024-02-29T05:53:48Z", + "generation": 1, + "labels": { + "clickhouse.altinity.com/chop": "0.22.2" + }, + "name": "clickhouseinstallations.clickhouse.altinity.com", + "resourceVersion": "1045", + "uid": "57ef1064-57fc-4302-96f0-1408261aeebc" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "clickhouse.altinity.com", + "names": { + "kind": "ClickHouseInstallation", + "listKind": "ClickHouseInstallationList", + "plural": "clickhouseinstallations", + "shortNames": [ + "chi" + ], + "singular": "clickhouseinstallation" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "description": "Operator version", + "jsonPath": ".status.chop-version", + "name": "version", + "priority": 1, + "type": "string" + }, + { + "description": "Clusters count", + "jsonPath": ".status.clusters", + "name": "clusters", + "type": "integer" + }, + { + "description": "Shards count", + "jsonPath": ".status.shards", + "name": "shards", + "priority": 1, + "type": "integer" + }, + { + "description": "Hosts count", + "jsonPath": ".status.hosts", + "name": "hosts", + "type": "integer" + }, + { + "description": "TaskID", + "jsonPath": ".status.taskID", + "name": "taskID", + "priority": 1, + "type": "string" + }, + { + "description": "CHI status", + "jsonPath": ".status.status", + "name": "status", + "type": "string" + }, + { + "description": "Updated hosts count", + "jsonPath": ".status.hostsUpdated", + "name": "hosts-updated", + "priority": 1, + "type": "integer" + }, + { + "description": "Added hosts count", + "jsonPath": ".status.hostsAdded", + "name": "hosts-added", + "priority": 1, + "type": "integer" + }, + { + "description": "Completed hosts count", + "jsonPath": ".status.hostsCompleted", + "name": "hosts-completed", + "type": "integer" + }, + { + "description": "Hosts deleted count", + "jsonPath": ".status.hostsDeleted", + "name": "hosts-deleted", + "priority": 1, + "type": "integer" + }, + { + "description": "Hosts to be deleted count", + "jsonPath": ".status.hostsDelete", + "name": "hosts-delete", + "priority": 1, + "type": "integer" + }, + { + "description": "Client access endpoint", + "jsonPath": ".status.endpoint", + "name": "endpoint", + "priority": 1, + "type": "string" + }, + { + "description": "Age of the resource", + "jsonPath": ".metadata.creationTimestamp", + "name": "age", + "type": "date" + } + ], + "name": "v1", + "schema": { + "openAPIV3Schema": { + "description": "define a set of Kubernetes resources (StatefulSet, PVC, Service, ConfigMap) which describe behavior one or more ClickHouse clusters", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "Specification of the desired behavior of one or more ClickHouse clusters\nMore info: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md\n", + "properties": { + "configuration": { + "description": "allows configure multiple aspects and behavior for `clickhouse-server` instance and also allows describe multiple `clickhouse-server` clusters inside one `chi` resource", + "properties": { + "clusters": { + "description": "describes ClickHouse clusters layout and allows change settings on cluster-level, shard-level and replica-level\nevery cluster is a set of StatefulSet, one StatefulSet contains only one Pod with `clickhouse-server`\nall Pods will rendered in part of ClickHouse configs, mounted from ConfigMap as `/etc/clickhouse-server/config.d/chop-generated-remote_servers.xml`\nClusters will use for Distributed table engine, more details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/\nIf `cluster` contains zookeeper settings (could be inherited from top `chi` level), when you can create *ReplicatedMergeTree tables\n", + "items": { + "properties": { + "files": { + "description": "optional, allows define content of any setting file inside each `Pod` on current cluster during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\noverride top-level `chi.spec.configuration.files`\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "insecure": { + "description": "optional, open insecure ports for cluster, defaults to \"yes\"", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "layout": { + "description": "describe current cluster layout, how much shards in cluster, how much replica in shard\nallows override settings on each shard and replica separatelly\n", + "properties": { + "replicas": { + "description": "optional, allows override top-level `chi.spec.configuration` and cluster-level `chi.spec.configuration.clusters` configuration for each replica and each shard relates to selected replica, use it only if you fully understand what you do", + "items": { + "properties": { + "files": { + "description": "optional, allows define content of any setting file inside each `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\noverride top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`, will ignore if `chi.spec.configuration.clusters.layout.shards` presents\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "name": { + "description": "optional, by default replica name is generated, but you can override it and setup custom name", + "maxLength": 15, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]{0,15}$", + "type": "string" + }, + "settings": { + "description": "optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/`\noverride top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and will ignore if shard-level `chi.spec.configuration.clusters.layout.shards` present\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "shards": { + "description": "optional, list of shards related to current replica, will ignore if `chi.spec.configuration.clusters.layout.shards` presents", + "items": { + "properties": { + "files": { + "description": "optional, allows define content of any setting file inside each `Pod` only in one shard related to current replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\noverride top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`, will ignore if `chi.spec.configuration.clusters.layout.shards` presents\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "httpPort": { + "description": "optional, setup `Pod.spec.containers.ports` with name `http` for selected shard, override `chi.spec.templates.hostTemplates.spec.httpPort`\nallows connect to `clickhouse-server` via HTTP protocol via kubernetes `Service`\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "httpsPort": { + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "insecure": { + "description": "optional, open insecure ports for cluster, defaults to \"yes\"\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "interserverHTTPPort": { + "description": "optional, setup `Pod.spec.containers.ports` with name `interserver` for selected shard, override `chi.spec.templates.hostTemplates.spec.interserverHTTPPort`\nallows connect between replicas inside same shard during fetch replicated data parts HTTP protocol\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "name": { + "description": "optional, by default shard name is generated, but you can override it and setup custom name", + "maxLength": 15, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]{0,15}$", + "type": "string" + }, + "secure": { + "description": "optional, open secure ports\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "settings": { + "description": "optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one shard related to current replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/`\noverride top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and replica-level `chi.spec.configuration.clusters.layout.replicas.settings`\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tcpPort": { + "description": "optional, setup `Pod.spec.containers.ports` with name `tcp` for selected shard, override `chi.spec.templates.hostTemplates.spec.tcpPort`\nallows connect to `clickhouse-server` via TCP Native protocol via kubernetes `Service`\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "templates": { + "description": "optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica\noverride top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates`\n", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + }, + "tlsPort": { + "maximum": 65535, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + "shardsCount": { + "description": "optional, count of shards related to current replica, you can override each shard behavior on low-level `chi.spec.configuration.clusters.layout.replicas.shards`", + "minimum": 1, + "type": "integer" + }, + "templates": { + "description": "optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica\noverride top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates`\n", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "replicasCount": { + "description": "how much replicas in each shards for current ClickHouse cluster will run in Kubernetes, each replica is a separate `StatefulSet` which contains only one `Pod` with `clickhouse-server` instance, every shard contains 1 replica by default", + "type": "integer" + }, + "shards": { + "description": "optional, allows override top-level `chi.spec.configuration`, cluster-level `chi.spec.configuration.clusters` settings for each shard separately, use it only if you fully understand what you do", + "items": { + "properties": { + "definitionType": { + "description": "DEPRECATED - to be removed soon", + "type": "string" + }, + "files": { + "description": "optional, allows define content of any setting file inside each `Pod` only in one shard during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\noverride top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "internalReplication": { + "description": "optional, `true` by default when `chi.spec.configuration.clusters[].layout.ReplicaCount` > 1 and 0 otherwise\nallows setup setting which will use during insert into tables with `Distributed` engine for insert only in one live replica and other replicas will download inserted data during replication,\nwill apply in inside ConfigMap which will mount in /etc/clickhouse-server/config.d/chop-generated-remote_servers.xml\nMore details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "name": { + "description": "optional, by default shard name is generated, but you can override it and setup custom name", + "maxLength": 15, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]{0,15}$", + "type": "string" + }, + "replicas": { + "description": "optional, allows override behavior for selected replicas from cluster-level `chi.spec.configuration.clusters` and shard-level `chi.spec.configuration.clusters.layout.shards`\n", + "items": { + "properties": { + "files": { + "description": "optional, allows define content of any setting file inside `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\noverride top-level `chi.spec.configuration.files`, cluster-level `chi.spec.configuration.clusters.files` and shard-level `chi.spec.configuration.clusters.layout.shards.files`\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "httpPort": { + "description": "optional, setup `Pod.spec.containers.ports` with name `http` for selected replica, override `chi.spec.templates.hostTemplates.spec.httpPort`\nallows connect to `clickhouse-server` via HTTP protocol via kubernetes `Service`\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "httpsPort": { + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "insecure": { + "description": "optional, open insecure ports for cluster, defaults to \"yes\"\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "interserverHTTPPort": { + "description": "optional, setup `Pod.spec.containers.ports` with name `interserver` for selected replica, override `chi.spec.templates.hostTemplates.spec.interserverHTTPPort`\nallows connect between replicas inside same shard during fetch replicated data parts HTTP protocol\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "name": { + "description": "optional, by default replica name is generated, but you can override it and setup custom name", + "maxLength": 15, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]{0,15}$", + "type": "string" + }, + "secure": { + "description": "optional, open secure ports\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "settings": { + "description": "optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/`\noverride top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and shard-level `chi.spec.configuration.clusters.layout.shards.settings`\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tcpPort": { + "description": "optional, setup `Pod.spec.containers.ports` with name `tcp` for selected replica, override `chi.spec.templates.hostTemplates.spec.tcpPort`\nallows connect to `clickhouse-server` via TCP Native protocol via kubernetes `Service`\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "templates": { + "description": "optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica\noverride top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates` and shard-level `chi.spec.configuration.clusters.layout.shards.templates`\n", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + }, + "tlsPort": { + "maximum": 65535, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + "replicasCount": { + "description": "optional, how much replicas in selected shard for selected ClickHouse cluster will run in Kubernetes, each replica is a separate `StatefulSet` which contains only one `Pod` with `clickhouse-server` instance,\nshard contains 1 replica by default\noverride cluster-level `chi.spec.configuration.clusters.layout.replicasCount`\n", + "minimum": 1, + "type": "integer" + }, + "settings": { + "description": "optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` only in one shard during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/`\noverride top-level `chi.spec.configuration.settings` and cluster-level `chi.spec.configuration.clusters.settings`\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "templates": { + "description": "optional, configuration of the templates names which will use for generate Kubernetes resources according to selected shard\noverride top-level `chi.spec.configuration.templates` and cluster-level `chi.spec.configuration.clusters.templates`\n", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + }, + "weight": { + "description": "optional, 1 by default, allows setup shard setting which will use during insert into tables with `Distributed` engine,\nwill apply in inside ConfigMap which will mount in /etc/clickhouse-server/config.d/chop-generated-remote_servers.xml\nMore details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/\n", + "type": "integer" + } + }, + "type": "object" + }, + "type": "array" + }, + "shardsCount": { + "description": "how much shards for current ClickHouse cluster will run in Kubernetes, each shard contains shared-nothing part of data and contains set of replicas, cluster contains 1 shard by default", + "type": "integer" + }, + "type": { + "description": "DEPRECATED - to be removed soon", + "type": "string" + } + }, + "type": "object" + }, + "name": { + "description": "cluster name, used to identify set of ClickHouse servers and wide used during generate names of related Kubernetes resources", + "maxLength": 15, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]{0,15}$", + "type": "string" + }, + "schemaPolicy": { + "description": "describes how schema is propagated within replicas and shards\n", + "properties": { + "replica": { + "description": "how schema is propagated within a replica", + "enum": [ + "", + "None", + "All" + ], + "type": "string" + }, + "shard": { + "description": "how schema is propagated between shards", + "enum": [ + "", + "None", + "All", + "DistributedTablesOnly" + ], + "type": "string" + } + }, + "type": "object" + }, + "secret": { + "description": "optional, shared secret value to secure cluster communications", + "properties": { + "auto": { + "description": "Auto-generate shared secret value to secure cluster communications", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "value": { + "description": "Cluster shared secret value in plain text", + "type": "string" + }, + "valueFrom": { + "description": "Cluster shared secret source", + "properties": { + "secretKeyRef": { + "description": "Selects a key of a secret in the clickhouse installation namespace.\nShould not be used if value is not empty.\n", + "properties": { + "key": { + "description": "The key of the secret to select from. Must be a valid secret key.", + "type": "string" + }, + "name": { + "description": "Name of the referent. More info:\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\n", + "type": "string" + }, + "optional": { + "description": "Specify whether the Secret or its key must be defined", + "type": "boolean" + } + }, + "required": [ + "name", + "key" + ], + "type": "object" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "secure": { + "description": "optional, open secure ports for cluster", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "settings": { + "description": "optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` only in one cluster during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/`\noverride top-level `chi.spec.configuration.settings`\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "templates": { + "description": "optional, configuration of the templates names which will use for generate Kubernetes resources according to selected cluster\noverride top-level `chi.spec.configuration.templates`\n", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + }, + "zookeeper": { + "description": "optional, allows configure .. section in each `Pod` only in current ClickHouse cluster, during generate `ConfigMap` which will mounted in `/etc/clickhouse-server/config.d/`\noverride top-level `chi.spec.configuration.zookeeper` settings\n", + "properties": { + "identity": { + "description": "optional access credentials string with `user:password` format used when use digest authorization in Zookeeper", + "type": "string" + }, + "nodes": { + "description": "describe every available zookeeper cluster node for interaction", + "items": { + "properties": { + "host": { + "description": "dns name or ip address for Zookeeper node", + "type": "string" + }, + "port": { + "description": "TCP port which used to connect to Zookeeper node", + "maximum": 65535, + "minimum": 0, + "type": "integer" + }, + "secure": { + "description": "if a secure connection to Zookeeper is required", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "operation_timeout_ms": { + "description": "one operation timeout during Zookeeper transactions", + "type": "integer" + }, + "root": { + "description": "optional root znode path inside zookeeper to store ClickHouse related data (replication queue or distributed DDL)", + "type": "string" + }, + "session_timeout_ms": { + "description": "session timeout during connect to Zookeeper", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "files": { + "description": "allows define content of any setting file inside each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\nevery key in this object is the file name\nevery value in this object is the file content\nyou can use `!!binary |` and base64 for binary files, see details here https://yaml.org/type/binary.html\neach key could contains prefix like USERS, COMMON, HOST or config.d, users.d, cond.d, wrong prefixes will ignored, subfolders also will ignored\nMore details: https://github.com/Altinity/clickhouse-operator/blob/master/docs/chi-examples/05-settings-05-files-nested.yaml\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "profiles": { + "description": "allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/`\nyou can configure any aspect of settings profile\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings-profiles/\nYour yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationprofiles\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "quotas": { + "description": "allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/`\nyou can configure any aspect of resource quotas\nMore details: https://clickhouse.tech/docs/en/operations/quotas/\nYour yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationquotas\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "settings": { + "description": "allows configure `clickhouse-server` settings inside ... tag in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/`\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\nYour yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationsettings\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "users": { + "description": "allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/`\nyou can configure password hashed, authorization restrictions, database level security row filters etc.\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings-users/\nYour yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationusers\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "zookeeper": { + "description": "allows configure .. section in each `Pod` during generate `ConfigMap` which will mounted in `/etc/clickhouse-server/config.d/`\n`clickhouse-operator` itself doesn't manage Zookeeper, please install Zookeeper separatelly look examples on https://github.com/Altinity/clickhouse-operator/tree/master/deploy/zookeeper/\ncurrently, zookeeper (or clickhouse-keeper replacement) used for *ReplicatedMergeTree table engines and for `distributed_ddl`\nMore details: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server-settings_zookeeper\n", + "properties": { + "identity": { + "description": "optional access credentials string with `user:password` format used when use digest authorization in Zookeeper", + "type": "string" + }, + "nodes": { + "description": "describe every available zookeeper cluster node for interaction", + "items": { + "properties": { + "host": { + "description": "dns name or ip address for Zookeeper node", + "type": "string" + }, + "port": { + "description": "TCP port which used to connect to Zookeeper node", + "maximum": 65535, + "minimum": 0, + "type": "integer" + }, + "secure": { + "description": "if a secure connection to Zookeeper is required", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "operation_timeout_ms": { + "description": "one operation timeout during Zookeeper transactions", + "type": "integer" + }, + "root": { + "description": "optional root znode path inside zookeeper to store ClickHouse related data (replication queue or distributed DDL)", + "type": "string" + }, + "session_timeout_ms": { + "description": "session timeout during connect to Zookeeper", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "defaults": { + "description": "define default behavior for whole ClickHouseInstallation, some behavior can be re-define on cluster, shard and replica level\nMore info: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specdefaults\n", + "properties": { + "distributedDDL": { + "description": "allows change `` settings\nMore info: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server-settings-distributed_ddl\n", + "properties": { + "profile": { + "description": "Settings from this profile will be used to execute DDL queries", + "type": "string" + } + }, + "type": "object" + }, + "replicasUseFQDN": { + "description": "define should replicas be specified by FQDN in ``.\nIn case of \"no\" will use short hostname and clickhouse-server will use kubernetes default suffixes for DNS lookup\n\"yes\" by default\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "storageManagement": { + "description": "default storage management options", + "properties": { + "provisioner": { + "description": "defines `PVC` provisioner - be it StatefulSet or the Operator", + "enum": [ + "", + "StatefulSet", + "Operator" + ], + "type": "string" + }, + "reclaimPolicy": { + "description": "defines behavior of `PVC` deletion.\n`Delete` by default, if `Retain` specified then `PVC` will be kept when deleting StatefulSet\n", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + } + }, + "type": "object" + }, + "templates": { + "description": "optional, configuration of the templates names which will use for generate Kubernetes resources according to one or more ClickHouse clusters described in current ClickHouseInstallation (chi) resource", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "namespaceDomainPattern": { + "description": "Custom domain pattern which will be used for DNS names of `Service` or `Pod`.\nTypical use scenario - custom cluster domain in Kubernetes cluster\nExample: %s.svc.my.test\n", + "type": "string" + }, + "reconciling": { + "description": "optional, allows tuning reconciling cycle for ClickhouseInstallation from clickhouse-operator side", + "properties": { + "cleanup": { + "description": "optional, define behavior for cleanup Kubernetes resources during reconcile cycle", + "properties": { + "reconcileFailedObjects": { + "description": "what clickhouse-operator shall do when reconciling Kubernetes resources are failed, default behavior is `Retain`", + "properties": { + "configMap": { + "description": "behavior policy for failed ConfigMap reconciling, Retain by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "pvc": { + "description": "behavior policy for failed PVC reconciling, Retain by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "service": { + "description": "behavior policy for failed Service reconciling, Retain by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "statefulSet": { + "description": "behavior policy for failed StatefulSet reconciling, Retain by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + } + }, + "type": "object" + }, + "unknownObjects": { + "description": "what clickhouse-operator shall do when found Kubernetes resources which should be managed with clickhouse-operator, but not have `ownerReference` to any currently managed `ClickHouseInstallation` resource, default behavior is `Delete`", + "properties": { + "configMap": { + "description": "behavior policy for unknown ConfigMap, Delete by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "pvc": { + "description": "behavior policy for unknown PVC, Delete by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "service": { + "description": "behavior policy for unknown Service, Delete by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "statefulSet": { + "description": "behavior policy for unknown StatefulSet, Delete by default", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "configMapPropagationTimeout": { + "description": "Timeout in seconds for `clickhouse-operator` to wait for modified `ConfigMap` to propagate into the `Pod`\nMore details: https://kubernetes.io/docs/concepts/configuration/configmap/#mounted-configmaps-are-updated-automatically\n", + "maximum": 3600, + "minimum": 0, + "type": "integer" + }, + "policy": { + "description": "DEPRECATED", + "type": "string" + } + }, + "type": "object" + }, + "restart": { + "description": "In case 'RollingUpdate' specified, the operator will always restart ClickHouse pods during reconcile.\nThis options is used in rare cases when force restart is required and is typically removed after the use in order to avoid unneeded restarts.\n", + "enum": [ + "", + "RollingUpdate" + ], + "type": "string" + }, + "stop": { + "description": "Allows to stop all ClickHouse clusters defined in a CHI.\nWorks as the following:\n - When `stop` is `1` operator sets `Replicas: 0` in each StatefulSet. Thie leads to having all `Pods` and `Service` deleted. All PVCs are kept intact.\n - When `stop` is `0` operator sets `Replicas: 1` and `Pod`s and `Service`s will created again and all retained PVCs will be attached to `Pod`s.\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "taskID": { + "description": "Allows to define custom taskID for CHI update and watch status of this update execution.\nDisplayed in all .status.taskID* fields.\nBy default (if not filled) every update of CHI manifest will generate random taskID\n", + "type": "string" + }, + "templates": { + "description": "allows define templates which will use for render Kubernetes resources like StatefulSet, ConfigMap, Service, PVC, by default, clickhouse-operator have own templates, but you can override it", + "properties": { + "hostTemplates": { + "description": "hostTemplate will use during apply to generate `clickhose-server` config files", + "items": { + "properties": { + "name": { + "description": "template name, could use to link inside top-level `chi.spec.defaults.templates.hostTemplate`, cluster-level `chi.spec.configuration.clusters.templates.hostTemplate`, shard-level `chi.spec.configuration.clusters.layout.shards.temlates.hostTemplate`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates.hostTemplate`", + "type": "string" + }, + "portDistribution": { + "description": "define how will distribute numeric values of named ports in `Pod.spec.containers.ports` and clickhouse-server configs", + "items": { + "properties": { + "type": { + "description": "type of distribution, when `Unspecified` (default value) then all listen ports on clickhouse-server configuration in all Pods will have the same value, when `ClusterScopeIndex` then ports will increment to offset from base value depends on shard and replica index inside cluster with combination of `chi.spec.templates.podTemlates.spec.HostNetwork` it allows setup ClickHouse cluster inside Kubernetes and provide access via external network bypass Kubernetes internal network", + "enum": [ + "", + "Unspecified", + "ClusterScopeIndex" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "spec": { + "properties": { + "files": { + "description": "optional, allows define content of any setting file inside each `Pod` where this template will apply during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/`\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "httpPort": { + "description": "optional, setup `http_port` inside `clickhouse-server` settings for each Pod where current template will apply\nif specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=http]`\nMore info: https://clickhouse.tech/docs/en/interfaces/http/\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "httpsPort": { + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "insecure": { + "description": "optional, open insecure ports for cluster, defaults to \"yes\"\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "interserverHTTPPort": { + "description": "optional, setup `interserver_http_port` inside `clickhouse-server` settings for each Pod where current template will apply\nif specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=interserver]`\nMore info: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#interserver-http-port\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "name": { + "description": "by default, hostname will generate, but this allows define custom name for each `clickhuse-server`", + "maxLength": 15, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]{0,15}$", + "type": "string" + }, + "secure": { + "description": "optional, open secure ports\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "settings": { + "description": "optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` where this template will apply during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/`\nMore details: https://clickhouse.tech/docs/en/operations/settings/settings/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tcpPort": { + "description": "optional, setup `tcp_port` inside `clickhouse-server` settings for each Pod where current template will apply\nif specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=tcp]`\nMore info: https://clickhouse.tech/docs/en/interfaces/tcp/\n", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "templates": { + "description": "be careful, this part of CRD allows override template inside template, don't use it if you don't understand what you do", + "properties": { + "clusterServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "dataVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "hostTemplate": { + "description": "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`", + "type": "string" + }, + "logVolumeClaimTemplate": { + "description": "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "podTemplate": { + "description": "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "replicaServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "serviceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource", + "type": "string" + }, + "shardServiceTemplate": { + "description": "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`", + "type": "string" + }, + "volumeClaimTemplate": { + "description": "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate", + "type": "string" + } + }, + "type": "object" + }, + "tlsPort": { + "maximum": 65535, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "podTemplates": { + "description": "podTemplate will use during render `Pod` inside `StatefulSet.spec` and allows define rendered `Pod.spec`, pod scheduling distribution and pod zone\nMore information: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatespodtemplates\n", + "items": { + "properties": { + "distribution": { + "description": "DEPRECATED, shortcut for `chi.spec.templates.podTemplates.spec.affinity.podAntiAffinity`", + "enum": [ + "", + "Unspecified", + "OnePerHost" + ], + "type": "string" + }, + "generateName": { + "description": "allows define format for generated `Pod` name, look to https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatesservicetemplates for details about aviailable template variables", + "type": "string" + }, + "metadata": { + "description": "allows pass standard object's metadata from template to Pod\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "name": { + "description": "template name, could use to link inside top-level `chi.spec.defaults.templates.podTemplate`, cluster-level `chi.spec.configuration.clusters.templates.podTemplate`, shard-level `chi.spec.configuration.clusters.layout.shards.temlates.podTemplate`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates.podTemplate`", + "type": "string" + }, + "podDistribution": { + "description": "define ClickHouse Pod distribution policy between Kubernetes Nodes inside Shard, Replica, Namespace, CHI, another ClickHouse cluster", + "items": { + "properties": { + "number": { + "description": "define, how much ClickHouse Pods could be inside selected scope with selected distribution type", + "maximum": 65535, + "minimum": 0, + "type": "integer" + }, + "scope": { + "description": "scope for apply each podDistribution", + "enum": [ + "", + "Unspecified", + "Shard", + "Replica", + "Cluster", + "ClickHouseInstallation", + "Namespace" + ], + "type": "string" + }, + "topologyKey": { + "description": "use for inter-pod affinity look to `pod.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.topologyKey`, More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity", + "type": "string" + }, + "type": { + "description": "you can define multiple affinity policy types", + "enum": [ + "", + "Unspecified", + "ClickHouseAntiAffinity", + "ShardAntiAffinity", + "ReplicaAntiAffinity", + "AnotherNamespaceAntiAffinity", + "AnotherClickHouseInstallationAntiAffinity", + "AnotherClusterAntiAffinity", + "MaxNumberPerNode", + "NamespaceAffinity", + "ClickHouseInstallationAffinity", + "ClusterAffinity", + "ShardAffinity", + "ReplicaAffinity", + "PreviousTailAffinity", + "CircularReplication" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "spec": { + "description": "allows define whole Pod.spec inside StaefulSet.spec, look to https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates for details", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "zone": { + "description": "allows define custom zone name and will separate ClickHouse `Pods` between nodes, shortcut for `chi.spec.templates.podTemplates.spec.affinity.podAntiAffinity`", + "properties": { + "key": { + "description": "optional, if defined, allows select kubernetes nodes by label with `name` equal `key`", + "type": "string" + }, + "values": { + "description": "optional, if defined, allows select kubernetes nodes by label with `value` in `values`", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "type": "array" + }, + "serviceTemplates": { + "description": "allows define template for rendering `Service` which would get endpoint from Pods which scoped chi-wide, cluster-wide, shard-wide, replica-wide level\n", + "items": { + "properties": { + "generateName": { + "description": "allows define format for generated `Service` name, look to https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatesservicetemplates for details about aviailable template variables", + "type": "string" + }, + "metadata": { + "description": "allows pass standard object's metadata from template to Service\nCould be use for define specificly for Cloud Provider metadata which impact to behavior of service\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "name": { + "description": "template name, could use to link inside\nchi-level `chi.spec.defaults.templates.serviceTemplate`\ncluster-level `chi.spec.configuration.clusters.templates.clusterServiceTemplate`\nshard-level `chi.spec.configuration.clusters.layout.shards.temlates.shardServiceTemplate`\nreplica-level `chi.spec.configuration.clusters.layout.replicas.templates.replicaServiceTemplate` or `chi.spec.configuration.clusters.layout.shards.replicas.replicaServiceTemplate`\n", + "type": "string" + }, + "spec": { + "description": "describe behavior of generated Service\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "type": "array" + }, + "volumeClaimTemplates": { + "description": "allows define template for rendering `PVC` kubernetes resource, which would use inside `Pod` for mount clickhouse `data`, clickhouse `logs` or something else", + "items": { + "properties": { + "metadata": { + "description": "allows to pass standard object's metadata from template to PVC\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "name": { + "description": "template name, could use to link inside\ntop-level `chi.spec.defaults.templates.dataVolumeClaimTemplate` or `chi.spec.defaults.templates.logVolumeClaimTemplate`,\ncluster-level `chi.spec.configuration.clusters.templates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.templates.logVolumeClaimTemplate`,\nshard-level `chi.spec.configuration.clusters.layout.shards.temlates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.layout.shards.temlates.logVolumeClaimTemplate`\nreplica-level `chi.spec.configuration.clusters.layout.replicas.templates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.layout.replicas.templates.logVolumeClaimTemplate`\n", + "type": "string" + }, + "provisioner": { + "description": "defines `PVC` provisioner - be it StatefulSet or the Operator", + "enum": [ + "", + "StatefulSet", + "Operator" + ], + "type": "string" + }, + "reclaimPolicy": { + "description": "defines behavior of `PVC` deletion.\n`Delete` by default, if `Retain` specified then `PVC` will be kept when deleting StatefulSet\n", + "enum": [ + "", + "Retain", + "Delete" + ], + "type": "string" + }, + "spec": { + "description": "allows define all aspects of `PVC` resource\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims\n", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "templating": { + "description": "Optional, defines policy for applying current ClickHouseInstallationTemplate to ClickHouseInstallation(s)", + "properties": { + "chiSelector": { + "description": "Optional, defines selector for ClickHouseInstallation(s) to be templated with ClickhouseInstallationTemplate", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "policy": { + "description": "When defined as `auto` inside ClickhouseInstallationTemplate, this ClickhouseInstallationTemplate\nwill be auto-added into ClickHouseInstallation, selectable by `chiSelector`.\nDefault value is `manual`, meaning ClickHouseInstallation should request this ClickhouseInstallationTemplate explicitly.\n", + "enum": [ + "", + "auto", + "manual" + ], + "type": "string" + } + }, + "type": "object" + }, + "troubleshoot": { + "description": "Allows to troubleshoot Pods during CrashLoopBack state.\nThis may happen when wrong configuration applied, in this case `clickhouse-server` wouldn't start.\nCommand within ClickHouse container is modified with `sleep` in order to avoid quick restarts\nand give time to troubleshoot via CLI.\nLiveness and Readiness probes are disabled as well.\n", + "enum": [ + "", + "0", + "1", + "False", + "false", + "True", + "true", + "No", + "no", + "Yes", + "yes", + "Off", + "off", + "On", + "on", + "Disable", + "disable", + "Enable", + "enable", + "Disabled", + "disabled", + "Enabled", + "enabled" + ], + "type": "string" + }, + "useTemplates": { + "description": "list of `ClickHouseInstallationTemplate` (chit) resource names which will merge with current `Chi` manifest during render Kubernetes resources to create related ClickHouse clusters", + "items": { + "properties": { + "name": { + "description": "name of `ClickHouseInstallationTemplate` (chit) resource", + "type": "string" + }, + "namespace": { + "description": "Kubernetes namespace where need search `chit` resource, depending on `watchNamespaces` settings in `clichouse-operator`", + "type": "string" + }, + "useType": { + "description": "optional, current strategy is only merge, and current `chi` settings have more priority than merged template `chit`", + "enum": [ + "", + "merge" + ], + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "status": { + "description": "Current ClickHouseInstallation manifest status, contains many fields like a normalized configuration, clickhouse-operator version, current action and all applied action list, current taskID and all applied taskIDs and other", + "properties": { + "action": { + "description": "Action", + "type": "string" + }, + "actions": { + "description": "Actions", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "chop-commit": { + "description": "ClickHouse operator git commit SHA", + "type": "string" + }, + "chop-date": { + "description": "ClickHouse operator build date", + "type": "string" + }, + "chop-ip": { + "description": "IP address of the operator's pod which managed this CHI", + "type": "string" + }, + "chop-version": { + "description": "ClickHouse operator version", + "type": "string" + }, + "clusters": { + "description": "Clusters count", + "minimum": 0, + "type": "integer" + }, + "endpoint": { + "description": "Endpoint", + "type": "string" + }, + "error": { + "description": "Last error", + "type": "string" + }, + "errors": { + "description": "Errors", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "fqdns": { + "description": "Pods FQDNs", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "generation": { + "description": "Generation", + "minimum": 0, + "type": "integer" + }, + "hosts": { + "description": "Hosts count", + "minimum": 0, + "type": "integer" + }, + "hostsAdded": { + "description": "Added Hosts count", + "minimum": 0, + "type": "integer" + }, + "hostsCompleted": { + "description": "Completed Hosts count", + "minimum": 0, + "type": "integer" + }, + "hostsDelete": { + "description": "About to delete Hosts count", + "minimum": 0, + "type": "integer" + }, + "hostsDeleted": { + "description": "Deleted Hosts count", + "minimum": 0, + "type": "integer" + }, + "hostsUpdated": { + "description": "Updated Hosts count", + "minimum": 0, + "type": "integer" + }, + "hostsWithTablesCreated": { + "description": "List of hosts with tables created by the operator", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "normalized": { + "description": "Normalized CHI requested", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "normalizedCompleted": { + "description": "Normalized CHI completed", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "pod-ips": { + "description": "Pod IPs", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "pods": { + "description": "Pods", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "replicas": { + "description": "Replicas count", + "minimum": 0, + "type": "integer" + }, + "shards": { + "description": "Shards count", + "minimum": 0, + "type": "integer" + }, + "status": { + "description": "Status", + "type": "string" + }, + "taskID": { + "description": "Current task id", + "type": "string" + }, + "taskIDsCompleted": { + "description": "Completed task ids", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "taskIDsStarted": { + "description": "Started task ids", + "items": { + "type": "string" + }, + "nullable": true, + "type": "array" + }, + "usedTemplates": { + "description": "List of templates used to build this CHI", + "items": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "nullable": true, + "type": "array", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "ClickHouseInstallation", + "listKind": "ClickHouseInstallationList", + "plural": "clickhouseinstallations", + "shortNames": [ + "chi" + ], + "singular": "clickhouseinstallation" + }, + "conditions": [ + { + "lastTransitionTime": "2024-02-29T05:53:48Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": "2024-02-29T05:53:48Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v1" + ] + } + }, + "group": "clickhouse.altinity.com", + "plural": "clickhouseinstallations", + "version": "v1" + }, + "learnrun_time": 416.1729121208191, + "namespace": "acto-clickhouse", + "preload_images": [ + "docker.io/altinity/clickhouse-operator:0.22.2", + "docker.io/library/zookeeper:3.8.1", + "docker.io/altinity/metrics-exporter:0.22.2", + "docker.io/clickhouse/clickhouse-server:22.3" + ], + "static_analysis_time": 7.62939453125e-06 +} \ No newline at end of file diff --git a/data/clickhouse-operator/cr.yaml b/data/clickhouse-operator/cr.yaml new file mode 100644 index 0000000000..6f5e9e766b --- /dev/null +++ b/data/clickhouse-operator/cr.yaml @@ -0,0 +1,37 @@ +apiVersion: "clickhouse.altinity.com/v1" +kind: "ClickHouseInstallation" + +metadata: + name: "test-cluster" + +spec: + defaults: + templates: + dataVolumeClaimTemplate: default + podTemplate: clickhouse:19.6 + + configuration: + zookeeper: + nodes: + - host: zookeeper.zoo3.ns + clusters: + - name: replicated + layout: + shardsCount: 2 + replicasCount: 2 + + templates: + volumeClaimTemplates: + - name: default + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 500Mi + podTemplates: + - name: clickhouse:19.6 + spec: + containers: + - name: clickhouse-pod + image: clickhouse/clickhouse-server:22.3 \ No newline at end of file diff --git a/data/clickhouse-operator/operator.yaml b/data/clickhouse-operator/operator.yaml new file mode 100644 index 0000000000..b2bad09194 --- /dev/null +++ b/data/clickhouse-operator/operator.yaml @@ -0,0 +1,3878 @@ +# Template Parameters: +# +# KIND=ClickHouseInstallation +# SINGULAR=clickhouseinstallation +# PLURAL=clickhouseinstallations +# SHORT=chi +# OPERATOR_VERSION=0.22.2 +# +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clickhouseinstallations.clickhouse.altinity.com + labels: + clickhouse.altinity.com/chop: 0.22.2 +spec: + group: clickhouse.altinity.com + scope: Namespaced + names: + kind: ClickHouseInstallation + singular: clickhouseinstallation + plural: clickhouseinstallations + shortNames: + - chi + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: version + type: string + description: Operator version + priority: 1 # show in wide view + jsonPath: .status.chop-version + - name: clusters + type: integer + description: Clusters count + jsonPath: .status.clusters + - name: shards + type: integer + description: Shards count + priority: 1 # show in wide view + jsonPath: .status.shards + - name: hosts + type: integer + description: Hosts count + jsonPath: .status.hosts + - name: taskID + type: string + description: TaskID + priority: 1 # show in wide view + jsonPath: .status.taskID + - name: status + type: string + description: CHI status + jsonPath: .status.status + - name: hosts-updated + type: integer + description: Updated hosts count + priority: 1 # show in wide view + jsonPath: .status.hostsUpdated + - name: hosts-added + type: integer + description: Added hosts count + priority: 1 # show in wide view + jsonPath: .status.hostsAdded + - name: hosts-completed + type: integer + description: Completed hosts count + jsonPath: .status.hostsCompleted + - name: hosts-deleted + type: integer + description: Hosts deleted count + priority: 1 # show in wide view + jsonPath: .status.hostsDeleted + - name: hosts-delete + type: integer + description: Hosts to be deleted count + priority: 1 # show in wide view + jsonPath: .status.hostsDelete + - name: endpoint + type: string + description: Client access endpoint + priority: 1 # show in wide view + jsonPath: .status.endpoint + - name: age + type: date + description: Age of the resource + # Displayed in all priorities + jsonPath: .metadata.creationTimestamp + subresources: + status: {} + schema: + openAPIV3Schema: + description: "define a set of Kubernetes resources (StatefulSet, PVC, Service, ConfigMap) which describe behavior one or more ClickHouse clusters" + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + type: object + description: "Current ClickHouseInstallation manifest status, contains many fields like a normalized configuration, clickhouse-operator version, current action and all applied action list, current taskID and all applied taskIDs and other" + properties: + chop-version: + type: string + description: "ClickHouse operator version" + chop-commit: + type: string + description: "ClickHouse operator git commit SHA" + chop-date: + type: string + description: "ClickHouse operator build date" + chop-ip: + type: string + description: "IP address of the operator's pod which managed this CHI" + clusters: + type: integer + minimum: 0 + description: "Clusters count" + shards: + type: integer + minimum: 0 + description: "Shards count" + replicas: + type: integer + minimum: 0 + description: "Replicas count" + hosts: + type: integer + minimum: 0 + description: "Hosts count" + status: + type: string + description: "Status" + taskID: + type: string + description: "Current task id" + taskIDsStarted: + type: array + description: "Started task ids" + nullable: true + items: + type: string + taskIDsCompleted: + type: array + description: "Completed task ids" + nullable: true + items: + type: string + action: + type: string + description: "Action" + actions: + type: array + description: "Actions" + nullable: true + items: + type: string + error: + type: string + description: "Last error" + errors: + type: array + description: "Errors" + nullable: true + items: + type: string + hostsUpdated: + type: integer + minimum: 0 + description: "Updated Hosts count" + hostsAdded: + type: integer + minimum: 0 + description: "Added Hosts count" + hostsCompleted: + type: integer + minimum: 0 + description: "Completed Hosts count" + hostsDeleted: + type: integer + minimum: 0 + description: "Deleted Hosts count" + hostsDelete: + type: integer + minimum: 0 + description: "About to delete Hosts count" + pods: + type: array + description: "Pods" + nullable: true + items: + type: string + pod-ips: + type: array + description: "Pod IPs" + nullable: true + items: + type: string + fqdns: + type: array + description: "Pods FQDNs" + nullable: true + items: + type: string + endpoint: + type: string + description: "Endpoint" + generation: + type: integer + minimum: 0 + description: "Generation" + normalized: + type: object + description: "Normalized CHI requested" + x-kubernetes-preserve-unknown-fields: true + normalizedCompleted: + type: object + description: "Normalized CHI completed" + x-kubernetes-preserve-unknown-fields: true + hostsWithTablesCreated: + type: array + description: "List of hosts with tables created by the operator" + nullable: true + items: + type: string + usedTemplates: + type: array + description: "List of templates used to build this CHI" + nullable: true + x-kubernetes-preserve-unknown-fields: true + items: + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + type: object + # x-kubernetes-preserve-unknown-fields: true + description: | + Specification of the desired behavior of one or more ClickHouse clusters + More info: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md + properties: + taskID: + type: string + description: | + Allows to define custom taskID for CHI update and watch status of this update execution. + Displayed in all .status.taskID* fields. + By default (if not filled) every update of CHI manifest will generate random taskID + stop: &TypeStringBool + type: string + description: | + Allows to stop all ClickHouse clusters defined in a CHI. + Works as the following: + - When `stop` is `1` operator sets `Replicas: 0` in each StatefulSet. Thie leads to having all `Pods` and `Service` deleted. All PVCs are kept intact. + - When `stop` is `0` operator sets `Replicas: 1` and `Pod`s and `Service`s will created again and all retained PVCs will be attached to `Pod`s. + enum: + # List StringBoolXXX constants from model + - "" + - "0" + - "1" + - "False" + - "false" + - "True" + - "true" + - "No" + - "no" + - "Yes" + - "yes" + - "Off" + - "off" + - "On" + - "on" + - "Disable" + - "disable" + - "Enable" + - "enable" + - "Disabled" + - "disabled" + - "Enabled" + - "enabled" + restart: + type: string + description: | + In case 'RollingUpdate' specified, the operator will always restart ClickHouse pods during reconcile. + This options is used in rare cases when force restart is required and is typically removed after the use in order to avoid unneeded restarts. + enum: + - "" + - "RollingUpdate" + troubleshoot: + <<: *TypeStringBool + description: | + Allows to troubleshoot Pods during CrashLoopBack state. + This may happen when wrong configuration applied, in this case `clickhouse-server` wouldn't start. + Command within ClickHouse container is modified with `sleep` in order to avoid quick restarts + and give time to troubleshoot via CLI. + Liveness and Readiness probes are disabled as well. + namespaceDomainPattern: + type: string + description: | + Custom domain pattern which will be used for DNS names of `Service` or `Pod`. + Typical use scenario - custom cluster domain in Kubernetes cluster + Example: %s.svc.my.test + templating: + type: object + # nullable: true + description: "Optional, defines policy for applying current ClickHouseInstallationTemplate to ClickHouseInstallation(s)" + properties: + policy: + type: string + description: | + When defined as `auto` inside ClickhouseInstallationTemplate, this ClickhouseInstallationTemplate + will be auto-added into ClickHouseInstallation, selectable by `chiSelector`. + Default value is `manual`, meaning ClickHouseInstallation should request this ClickhouseInstallationTemplate explicitly. + enum: + - "" + - "auto" + - "manual" + chiSelector: + type: object + description: "Optional, defines selector for ClickHouseInstallation(s) to be templated with ClickhouseInstallationTemplate" + # nullable: true + x-kubernetes-preserve-unknown-fields: true + reconciling: + type: object + description: "optional, allows tuning reconciling cycle for ClickhouseInstallation from clickhouse-operator side" + # nullable: true + properties: + policy: + type: string + description: DEPRECATED + configMapPropagationTimeout: + type: integer + description: | + Timeout in seconds for `clickhouse-operator` to wait for modified `ConfigMap` to propagate into the `Pod` + More details: https://kubernetes.io/docs/concepts/configuration/configmap/#mounted-configmaps-are-updated-automatically + minimum: 0 + maximum: 3600 + cleanup: + type: object + description: "optional, define behavior for cleanup Kubernetes resources during reconcile cycle" + # nullable: true + properties: + unknownObjects: + type: object + description: "what clickhouse-operator shall do when found Kubernetes resources which should be managed with clickhouse-operator, but not have `ownerReference` to any currently managed `ClickHouseInstallation` resource, default behavior is `Delete`" + # nullable: true + properties: + statefulSet: &TypeObjectsCleanup + type: string + description: "behavior policy for unknown StatefulSet, Delete by default" + enum: + # List ObjectsCleanupXXX constants from model + - "" + - "Retain" + - "Delete" + pvc: + type: string + <<: *TypeObjectsCleanup + description: "behavior policy for unknown PVC, Delete by default" + configMap: + <<: *TypeObjectsCleanup + description: "behavior policy for unknown ConfigMap, Delete by default" + service: + <<: *TypeObjectsCleanup + description: "behavior policy for unknown Service, Delete by default" + reconcileFailedObjects: + type: object + description: "what clickhouse-operator shall do when reconciling Kubernetes resources are failed, default behavior is `Retain`" + # nullable: true + properties: + statefulSet: + <<: *TypeObjectsCleanup + description: "behavior policy for failed StatefulSet reconciling, Retain by default" + pvc: + <<: *TypeObjectsCleanup + description: "behavior policy for failed PVC reconciling, Retain by default" + configMap: + <<: *TypeObjectsCleanup + description: "behavior policy for failed ConfigMap reconciling, Retain by default" + service: + <<: *TypeObjectsCleanup + description: "behavior policy for failed Service reconciling, Retain by default" + defaults: + type: object + description: | + define default behavior for whole ClickHouseInstallation, some behavior can be re-define on cluster, shard and replica level + More info: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specdefaults + # nullable: true + properties: + replicasUseFQDN: + <<: *TypeStringBool + description: | + define should replicas be specified by FQDN in ``. + In case of "no" will use short hostname and clickhouse-server will use kubernetes default suffixes for DNS lookup + "yes" by default + distributedDDL: + type: object + description: | + allows change `` settings + More info: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server-settings-distributed_ddl + # nullable: true + properties: + profile: + type: string + description: "Settings from this profile will be used to execute DDL queries" + storageManagement: + type: object + description: default storage management options + properties: + provisioner: &TypePVCProvisioner + type: string + description: "defines `PVC` provisioner - be it StatefulSet or the Operator" + enum: + - "" + - "StatefulSet" + - "Operator" + reclaimPolicy: &TypePVCReclaimPolicy + type: string + description: | + defines behavior of `PVC` deletion. + `Delete` by default, if `Retain` specified then `PVC` will be kept when deleting StatefulSet + enum: + - "" + - "Retain" + - "Delete" + templates: &TypeTemplateNames + type: object + description: "optional, configuration of the templates names which will use for generate Kubernetes resources according to one or more ClickHouse clusters described in current ClickHouseInstallation (chi) resource" + # nullable: true + properties: + hostTemplate: + type: string + description: "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`" + podTemplate: + type: string + description: "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`" + dataVolumeClaimTemplate: + type: string + description: "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`" + logVolumeClaimTemplate: + type: string + description: "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`" + serviceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource" + clusterServiceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`" + shardServiceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`" + replicaServiceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`" + volumeClaimTemplate: + type: string + description: "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate" + configuration: + type: object + description: "allows configure multiple aspects and behavior for `clickhouse-server` instance and also allows describe multiple `clickhouse-server` clusters inside one `chi` resource" + # nullable: true + properties: + zookeeper: &TypeZookeeperConfig + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mounted in `/etc/clickhouse-server/config.d/` + `clickhouse-operator` itself doesn't manage Zookeeper, please install Zookeeper separatelly look examples on https://github.com/Altinity/clickhouse-operator/tree/master/deploy/zookeeper/ + currently, zookeeper (or clickhouse-keeper replacement) used for *ReplicatedMergeTree table engines and for `distributed_ddl` + More details: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server-settings_zookeeper + # nullable: true + properties: + nodes: + type: array + description: "describe every available zookeeper cluster node for interaction" + # nullable: true + items: + type: object + #required: + # - host + properties: + host: + type: string + description: "dns name or ip address for Zookeeper node" + port: + type: integer + description: "TCP port which used to connect to Zookeeper node" + minimum: 0 + maximum: 65535 + secure: + <<: *TypeStringBool + description: "if a secure connection to Zookeeper is required" + session_timeout_ms: + type: integer + description: "session timeout during connect to Zookeeper" + operation_timeout_ms: + type: integer + description: "one operation timeout during Zookeeper transactions" + root: + type: string + description: "optional root znode path inside zookeeper to store ClickHouse related data (replication queue or distributed DDL)" + identity: + type: string + description: "optional access credentials string with `user:password` format used when use digest authorization in Zookeeper" + users: + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/` + you can configure password hashed, authorization restrictions, database level security row filters etc. + More details: https://clickhouse.tech/docs/en/operations/settings/settings-users/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationusers + # nullable: true + x-kubernetes-preserve-unknown-fields: true + profiles: + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/` + you can configure any aspect of settings profile + More details: https://clickhouse.tech/docs/en/operations/settings/settings-profiles/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationprofiles + # nullable: true + x-kubernetes-preserve-unknown-fields: true + quotas: + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/` + you can configure any aspect of resource quotas + More details: https://clickhouse.tech/docs/en/operations/quotas/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationquotas + # nullable: true + x-kubernetes-preserve-unknown-fields: true + settings: &TypeSettings + type: object + description: | + allows configure `clickhouse-server` settings inside ... tag in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationsettings + # nullable: true + x-kubernetes-preserve-unknown-fields: true + files: &TypeFiles + type: object + description: | + allows define content of any setting file inside each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + every key in this object is the file name + every value in this object is the file content + you can use `!!binary |` and base64 for binary files, see details here https://yaml.org/type/binary.html + each key could contains prefix like USERS, COMMON, HOST or config.d, users.d, cond.d, wrong prefixes will ignored, subfolders also will ignored + More details: https://github.com/Altinity/clickhouse-operator/blob/master/docs/chi-examples/05-settings-05-files-nested.yaml + # nullable: true + x-kubernetes-preserve-unknown-fields: true + clusters: + type: array + description: | + describes ClickHouse clusters layout and allows change settings on cluster-level, shard-level and replica-level + every cluster is a set of StatefulSet, one StatefulSet contains only one Pod with `clickhouse-server` + all Pods will rendered in part of ClickHouse configs, mounted from ConfigMap as `/etc/clickhouse-server/config.d/chop-generated-remote_servers.xml` + Clusters will use for Distributed table engine, more details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/ + If `cluster` contains zookeeper settings (could be inherited from top `chi` level), when you can create *ReplicatedMergeTree tables + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + type: string + description: "cluster name, used to identify set of ClickHouse servers and wide used during generate names of related Kubernetes resources" + minLength: 1 + # See namePartClusterMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + zookeeper: + <<: *TypeZookeeperConfig + description: | + optional, allows configure .. section in each `Pod` only in current ClickHouse cluster, during generate `ConfigMap` which will mounted in `/etc/clickhouse-server/config.d/` + override top-level `chi.spec.configuration.zookeeper` settings + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` only in one cluster during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` + override top-level `chi.spec.configuration.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` on current cluster during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected cluster + override top-level `chi.spec.configuration.templates` + schemaPolicy: + type: object + description: | + describes how schema is propagated within replicas and shards + properties: + replica: + type: string + description: "how schema is propagated within a replica" + enum: + # List SchemaPolicyReplicaXXX constants from model + - "" + - "None" + - "All" + shard: + type: string + description: "how schema is propagated between shards" + enum: + # List SchemaPolicyShardXXX constants from model + - "" + - "None" + - "All" + - "DistributedTablesOnly" + insecure: + <<: *TypeStringBool + description: optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: optional, open secure ports for cluster + secret: + type: object + description: "optional, shared secret value to secure cluster communications" + properties: + auto: + <<: *TypeStringBool + description: "Auto-generate shared secret value to secure cluster communications" + value: + description: "Cluster shared secret value in plain text" + type: string + valueFrom: + description: "Cluster shared secret source" + type: object + properties: + secretKeyRef: + description: | + Selects a key of a secret in the clickhouse installation namespace. + Should not be used if value is not empty. + type: object + properties: + name: + description: | + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - name + - key + layout: + type: object + description: | + describe current cluster layout, how much shards in cluster, how much replica in shard + allows override settings on each shard and replica separatelly + # nullable: true + properties: + type: + type: string + description: "DEPRECATED - to be removed soon" + shardsCount: + type: integer + description: "how much shards for current ClickHouse cluster will run in Kubernetes, each shard contains shared-nothing part of data and contains set of replicas, cluster contains 1 shard by default" + replicasCount: + type: integer + description: "how much replicas in each shards for current ClickHouse cluster will run in Kubernetes, each replica is a separate `StatefulSet` which contains only one `Pod` with `clickhouse-server` instance, every shard contains 1 replica by default" + shards: + type: array + description: "optional, allows override top-level `chi.spec.configuration`, cluster-level `chi.spec.configuration.clusters` settings for each shard separately, use it only if you fully understand what you do" + # nullable: true + items: + type: object + properties: + name: + type: string + description: "optional, by default shard name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartShardMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + definitionType: + type: string + description: "DEPRECATED - to be removed soon" + weight: + type: integer + description: | + optional, 1 by default, allows setup shard setting which will use during insert into tables with `Distributed` engine, + will apply in inside ConfigMap which will mount in /etc/clickhouse-server/config.d/chop-generated-remote_servers.xml + More details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/ + internalReplication: + <<: *TypeStringBool + description: | + optional, `true` by default when `chi.spec.configuration.clusters[].layout.ReplicaCount` > 1 and 0 otherwise + allows setup setting which will use during insert into tables with `Distributed` engine for insert only in one live replica and other replicas will download inserted data during replication, + will apply in inside ConfigMap which will mount in /etc/clickhouse-server/config.d/chop-generated-remote_servers.xml + More details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/ + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` only in one shard during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` + override top-level `chi.spec.configuration.settings` and cluster-level `chi.spec.configuration.clusters.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` only in one shard during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files` + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected shard + override top-level `chi.spec.configuration.templates` and cluster-level `chi.spec.configuration.clusters.templates` + replicasCount: + type: integer + description: | + optional, how much replicas in selected shard for selected ClickHouse cluster will run in Kubernetes, each replica is a separate `StatefulSet` which contains only one `Pod` with `clickhouse-server` instance, + shard contains 1 replica by default + override cluster-level `chi.spec.configuration.clusters.layout.replicasCount` + minimum: 1 + replicas: + type: array + description: | + optional, allows override behavior for selected replicas from cluster-level `chi.spec.configuration.clusters` and shard-level `chi.spec.configuration.clusters.layout.shards` + # nullable: true + items: + # Host + type: object + properties: + name: + type: string + description: "optional, by default replica name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartReplicaMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + insecure: + <<: *TypeStringBool + description: | + optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: | + optional, open secure ports + tcpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `tcp` for selected replica, override `chi.spec.templates.hostTemplates.spec.tcpPort` + allows connect to `clickhouse-server` via TCP Native protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + tlsPort: + type: integer + minimum: 1 + maximum: 65535 + httpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `http` for selected replica, override `chi.spec.templates.hostTemplates.spec.httpPort` + allows connect to `clickhouse-server` via HTTP protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + httpsPort: + type: integer + minimum: 1 + maximum: 65535 + interserverHTTPPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `interserver` for selected replica, override `chi.spec.templates.hostTemplates.spec.interserverHTTPPort` + allows connect between replicas inside same shard during fetch replicated data parts HTTP protocol + minimum: 1 + maximum: 65535 + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + override top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and shard-level `chi.spec.configuration.clusters.layout.shards.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files`, cluster-level `chi.spec.configuration.clusters.files` and shard-level `chi.spec.configuration.clusters.layout.shards.files` + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica + override top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates` and shard-level `chi.spec.configuration.clusters.layout.shards.templates` + replicas: + type: array + description: "optional, allows override top-level `chi.spec.configuration` and cluster-level `chi.spec.configuration.clusters` configuration for each replica and each shard relates to selected replica, use it only if you fully understand what you do" + # nullable: true + items: + type: object + properties: + name: + type: string + description: "optional, by default replica name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartShardMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + override top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and will ignore if shard-level `chi.spec.configuration.clusters.layout.shards` present + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`, will ignore if `chi.spec.configuration.clusters.layout.shards` presents + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica + override top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates` + shardsCount: + type: integer + description: "optional, count of shards related to current replica, you can override each shard behavior on low-level `chi.spec.configuration.clusters.layout.replicas.shards`" + minimum: 1 + shards: + type: array + description: "optional, list of shards related to current replica, will ignore if `chi.spec.configuration.clusters.layout.shards` presents" + # nullable: true + items: + # Host + type: object + properties: + name: + type: string + description: "optional, by default shard name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartReplicaMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + insecure: + <<: *TypeStringBool + description: | + optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: | + optional, open secure ports + tcpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `tcp` for selected shard, override `chi.spec.templates.hostTemplates.spec.tcpPort` + allows connect to `clickhouse-server` via TCP Native protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + tlsPort: + type: integer + minimum: 1 + maximum: 65535 + httpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `http` for selected shard, override `chi.spec.templates.hostTemplates.spec.httpPort` + allows connect to `clickhouse-server` via HTTP protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + httpsPort: + type: integer + minimum: 1 + maximum: 65535 + interserverHTTPPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `interserver` for selected shard, override `chi.spec.templates.hostTemplates.spec.interserverHTTPPort` + allows connect between replicas inside same shard during fetch replicated data parts HTTP protocol + minimum: 1 + maximum: 65535 + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one shard related to current replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + override top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and replica-level `chi.spec.configuration.clusters.layout.replicas.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` only in one shard related to current replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`, will ignore if `chi.spec.configuration.clusters.layout.shards` presents + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica + override top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates` + templates: + type: object + description: "allows define templates which will use for render Kubernetes resources like StatefulSet, ConfigMap, Service, PVC, by default, clickhouse-operator have own templates, but you can override it" + # nullable: true + properties: + hostTemplates: + type: array + description: "hostTemplate will use during apply to generate `clickhose-server` config files" + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + description: "template name, could use to link inside top-level `chi.spec.defaults.templates.hostTemplate`, cluster-level `chi.spec.configuration.clusters.templates.hostTemplate`, shard-level `chi.spec.configuration.clusters.layout.shards.temlates.hostTemplate`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates.hostTemplate`" + type: string + portDistribution: + type: array + description: "define how will distribute numeric values of named ports in `Pod.spec.containers.ports` and clickhouse-server configs" + # nullable: true + items: + type: object + #required: + # - type + properties: + type: + type: string + description: "type of distribution, when `Unspecified` (default value) then all listen ports on clickhouse-server configuration in all Pods will have the same value, when `ClusterScopeIndex` then ports will increment to offset from base value depends on shard and replica index inside cluster with combination of `chi.spec.templates.podTemlates.spec.HostNetwork` it allows setup ClickHouse cluster inside Kubernetes and provide access via external network bypass Kubernetes internal network" + enum: + # List PortDistributionXXX constants + - "" + - "Unspecified" + - "ClusterScopeIndex" + spec: + # Host + type: object + properties: + name: + type: string + description: "by default, hostname will generate, but this allows define custom name for each `clickhuse-server`" + minLength: 1 + # See namePartReplicaMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + insecure: + <<: *TypeStringBool + description: | + optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: | + optional, open secure ports + tcpPort: + type: integer + description: | + optional, setup `tcp_port` inside `clickhouse-server` settings for each Pod where current template will apply + if specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=tcp]` + More info: https://clickhouse.tech/docs/en/interfaces/tcp/ + minimum: 1 + maximum: 65535 + tlsPort: + type: integer + minimum: 1 + maximum: 65535 + httpPort: + type: integer + description: | + optional, setup `http_port` inside `clickhouse-server` settings for each Pod where current template will apply + if specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=http]` + More info: https://clickhouse.tech/docs/en/interfaces/http/ + minimum: 1 + maximum: 65535 + httpsPort: + type: integer + minimum: 1 + maximum: 65535 + interserverHTTPPort: + type: integer + description: | + optional, setup `interserver_http_port` inside `clickhouse-server` settings for each Pod where current template will apply + if specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=interserver]` + More info: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#interserver-http-port + minimum: 1 + maximum: 65535 + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` where this template will apply during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` where this template will apply during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + templates: + <<: *TypeTemplateNames + description: "be careful, this part of CRD allows override template inside template, don't use it if you don't understand what you do" + + podTemplates: + type: array + description: | + podTemplate will use during render `Pod` inside `StatefulSet.spec` and allows define rendered `Pod.spec`, pod scheduling distribution and pod zone + More information: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatespodtemplates + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + type: string + description: "template name, could use to link inside top-level `chi.spec.defaults.templates.podTemplate`, cluster-level `chi.spec.configuration.clusters.templates.podTemplate`, shard-level `chi.spec.configuration.clusters.layout.shards.temlates.podTemplate`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates.podTemplate`" + generateName: + type: string + description: "allows define format for generated `Pod` name, look to https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatesservicetemplates for details about aviailable template variables" + zone: + type: object + description: "allows define custom zone name and will separate ClickHouse `Pods` between nodes, shortcut for `chi.spec.templates.podTemplates.spec.affinity.podAntiAffinity`" + #required: + # - values + properties: + key: + type: string + description: "optional, if defined, allows select kubernetes nodes by label with `name` equal `key`" + values: + type: array + description: "optional, if defined, allows select kubernetes nodes by label with `value` in `values`" + # nullable: true + items: + type: string + distribution: + type: string + description: "DEPRECATED, shortcut for `chi.spec.templates.podTemplates.spec.affinity.podAntiAffinity`" + enum: + - "" + - "Unspecified" + - "OnePerHost" + podDistribution: + type: array + description: "define ClickHouse Pod distribution policy between Kubernetes Nodes inside Shard, Replica, Namespace, CHI, another ClickHouse cluster" + # nullable: true + items: + type: object + #required: + # - type + properties: + type: + type: string + description: "you can define multiple affinity policy types" + enum: + # List PodDistributionXXX constants + - "" + - "Unspecified" + - "ClickHouseAntiAffinity" + - "ShardAntiAffinity" + - "ReplicaAntiAffinity" + - "AnotherNamespaceAntiAffinity" + - "AnotherClickHouseInstallationAntiAffinity" + - "AnotherClusterAntiAffinity" + - "MaxNumberPerNode" + - "NamespaceAffinity" + - "ClickHouseInstallationAffinity" + - "ClusterAffinity" + - "ShardAffinity" + - "ReplicaAffinity" + - "PreviousTailAffinity" + - "CircularReplication" + scope: + type: string + description: "scope for apply each podDistribution" + enum: + # list PodDistributionScopeXXX constants + - "" + - "Unspecified" + - "Shard" + - "Replica" + - "Cluster" + - "ClickHouseInstallation" + - "Namespace" + number: + type: integer + description: "define, how much ClickHouse Pods could be inside selected scope with selected distribution type" + minimum: 0 + maximum: 65535 + topologyKey: + type: string + description: "use for inter-pod affinity look to `pod.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.topologyKey`, More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity" + spec: + # TODO specify PodSpec + type: object + description: "allows define whole Pod.spec inside StaefulSet.spec, look to https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates for details" + # nullable: true + x-kubernetes-preserve-unknown-fields: true + metadata: + type: object + description: | + allows pass standard object's metadata from template to Pod + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + # nullable: true + x-kubernetes-preserve-unknown-fields: true + + volumeClaimTemplates: + type: array + description: "allows define template for rendering `PVC` kubernetes resource, which would use inside `Pod` for mount clickhouse `data`, clickhouse `logs` or something else" + # nullable: true + items: + type: object + #required: + # - name + # - spec + properties: + name: + type: string + description: | + template name, could use to link inside + top-level `chi.spec.defaults.templates.dataVolumeClaimTemplate` or `chi.spec.defaults.templates.logVolumeClaimTemplate`, + cluster-level `chi.spec.configuration.clusters.templates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.templates.logVolumeClaimTemplate`, + shard-level `chi.spec.configuration.clusters.layout.shards.temlates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.layout.shards.temlates.logVolumeClaimTemplate` + replica-level `chi.spec.configuration.clusters.layout.replicas.templates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.layout.replicas.templates.logVolumeClaimTemplate` + provisioner: *TypePVCProvisioner + reclaimPolicy: *TypePVCReclaimPolicy + metadata: + type: object + description: | + allows to pass standard object's metadata from template to PVC + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + # nullable: true + x-kubernetes-preserve-unknown-fields: true + spec: + type: object + description: | + allows define all aspects of `PVC` resource + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims + # nullable: true + x-kubernetes-preserve-unknown-fields: true + serviceTemplates: + type: array + description: | + allows define template for rendering `Service` which would get endpoint from Pods which scoped chi-wide, cluster-wide, shard-wide, replica-wide level + # nullable: true + items: + type: object + #required: + # - name + # - spec + properties: + name: + type: string + description: | + template name, could use to link inside + chi-level `chi.spec.defaults.templates.serviceTemplate` + cluster-level `chi.spec.configuration.clusters.templates.clusterServiceTemplate` + shard-level `chi.spec.configuration.clusters.layout.shards.temlates.shardServiceTemplate` + replica-level `chi.spec.configuration.clusters.layout.replicas.templates.replicaServiceTemplate` or `chi.spec.configuration.clusters.layout.shards.replicas.replicaServiceTemplate` + generateName: + type: string + description: "allows define format for generated `Service` name, look to https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatesservicetemplates for details about aviailable template variables" + metadata: + # TODO specify ObjectMeta + type: object + description: | + allows pass standard object's metadata from template to Service + Could be use for define specificly for Cloud Provider metadata which impact to behavior of service + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + # nullable: true + x-kubernetes-preserve-unknown-fields: true + spec: + # TODO specify ServiceSpec + type: object + description: | + describe behavior of generated Service + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + # nullable: true + x-kubernetes-preserve-unknown-fields: true + useTemplates: + type: array + description: "list of `ClickHouseInstallationTemplate` (chit) resource names which will merge with current `Chi` manifest during render Kubernetes resources to create related ClickHouse clusters" + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + type: string + description: "name of `ClickHouseInstallationTemplate` (chit) resource" + namespace: + type: string + description: "Kubernetes namespace where need search `chit` resource, depending on `watchNamespaces` settings in `clichouse-operator`" + useType: + type: string + description: "optional, current strategy is only merge, and current `chi` settings have more priority than merged template `chit`" + enum: + # List useTypeXXX constants from model + - "" + - "merge" +--- +# Template Parameters: +# +# KIND=ClickHouseInstallationTemplate +# SINGULAR=clickhouseinstallationtemplate +# PLURAL=clickhouseinstallationtemplates +# SHORT=chit +# OPERATOR_VERSION=0.22.2 +# +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clickhouseinstallationtemplates.clickhouse.altinity.com + labels: + clickhouse.altinity.com/chop: 0.22.2 +spec: + group: clickhouse.altinity.com + scope: Namespaced + names: + kind: ClickHouseInstallationTemplate + singular: clickhouseinstallationtemplate + plural: clickhouseinstallationtemplates + shortNames: + - chit + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: version + type: string + description: Operator version + priority: 1 # show in wide view + jsonPath: .status.chop-version + - name: clusters + type: integer + description: Clusters count + jsonPath: .status.clusters + - name: shards + type: integer + description: Shards count + priority: 1 # show in wide view + jsonPath: .status.shards + - name: hosts + type: integer + description: Hosts count + jsonPath: .status.hosts + - name: taskID + type: string + description: TaskID + priority: 1 # show in wide view + jsonPath: .status.taskID + - name: status + type: string + description: CHI status + jsonPath: .status.status + - name: hosts-updated + type: integer + description: Updated hosts count + priority: 1 # show in wide view + jsonPath: .status.hostsUpdated + - name: hosts-added + type: integer + description: Added hosts count + priority: 1 # show in wide view + jsonPath: .status.hostsAdded + - name: hosts-completed + type: integer + description: Completed hosts count + jsonPath: .status.hostsCompleted + - name: hosts-deleted + type: integer + description: Hosts deleted count + priority: 1 # show in wide view + jsonPath: .status.hostsDeleted + - name: hosts-delete + type: integer + description: Hosts to be deleted count + priority: 1 # show in wide view + jsonPath: .status.hostsDelete + - name: endpoint + type: string + description: Client access endpoint + priority: 1 # show in wide view + jsonPath: .status.endpoint + - name: age + type: date + description: Age of the resource + # Displayed in all priorities + jsonPath: .metadata.creationTimestamp + subresources: + status: {} + schema: + openAPIV3Schema: + description: "define a set of Kubernetes resources (StatefulSet, PVC, Service, ConfigMap) which describe behavior one or more ClickHouse clusters" + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + type: object + description: "Current ClickHouseInstallation manifest status, contains many fields like a normalized configuration, clickhouse-operator version, current action and all applied action list, current taskID and all applied taskIDs and other" + properties: + chop-version: + type: string + description: "ClickHouse operator version" + chop-commit: + type: string + description: "ClickHouse operator git commit SHA" + chop-date: + type: string + description: "ClickHouse operator build date" + chop-ip: + type: string + description: "IP address of the operator's pod which managed this CHI" + clusters: + type: integer + minimum: 0 + description: "Clusters count" + shards: + type: integer + minimum: 0 + description: "Shards count" + replicas: + type: integer + minimum: 0 + description: "Replicas count" + hosts: + type: integer + minimum: 0 + description: "Hosts count" + status: + type: string + description: "Status" + taskID: + type: string + description: "Current task id" + taskIDsStarted: + type: array + description: "Started task ids" + nullable: true + items: + type: string + taskIDsCompleted: + type: array + description: "Completed task ids" + nullable: true + items: + type: string + action: + type: string + description: "Action" + actions: + type: array + description: "Actions" + nullable: true + items: + type: string + error: + type: string + description: "Last error" + errors: + type: array + description: "Errors" + nullable: true + items: + type: string + hostsUpdated: + type: integer + minimum: 0 + description: "Updated Hosts count" + hostsAdded: + type: integer + minimum: 0 + description: "Added Hosts count" + hostsCompleted: + type: integer + minimum: 0 + description: "Completed Hosts count" + hostsDeleted: + type: integer + minimum: 0 + description: "Deleted Hosts count" + hostsDelete: + type: integer + minimum: 0 + description: "About to delete Hosts count" + pods: + type: array + description: "Pods" + nullable: true + items: + type: string + pod-ips: + type: array + description: "Pod IPs" + nullable: true + items: + type: string + fqdns: + type: array + description: "Pods FQDNs" + nullable: true + items: + type: string + endpoint: + type: string + description: "Endpoint" + generation: + type: integer + minimum: 0 + description: "Generation" + normalized: + type: object + description: "Normalized CHI requested" + x-kubernetes-preserve-unknown-fields: true + normalizedCompleted: + type: object + description: "Normalized CHI completed" + x-kubernetes-preserve-unknown-fields: true + hostsWithTablesCreated: + type: array + description: "List of hosts with tables created by the operator" + nullable: true + items: + type: string + usedTemplates: + type: array + description: "List of templates used to build this CHI" + nullable: true + x-kubernetes-preserve-unknown-fields: true + items: + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + type: object + # x-kubernetes-preserve-unknown-fields: true + description: | + Specification of the desired behavior of one or more ClickHouse clusters + More info: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md + properties: + taskID: + type: string + description: | + Allows to define custom taskID for CHI update and watch status of this update execution. + Displayed in all .status.taskID* fields. + By default (if not filled) every update of CHI manifest will generate random taskID + stop: &TypeStringBool + type: string + description: | + Allows to stop all ClickHouse clusters defined in a CHI. + Works as the following: + - When `stop` is `1` operator sets `Replicas: 0` in each StatefulSet. Thie leads to having all `Pods` and `Service` deleted. All PVCs are kept intact. + - When `stop` is `0` operator sets `Replicas: 1` and `Pod`s and `Service`s will created again and all retained PVCs will be attached to `Pod`s. + enum: + # List StringBoolXXX constants from model + - "" + - "0" + - "1" + - "False" + - "false" + - "True" + - "true" + - "No" + - "no" + - "Yes" + - "yes" + - "Off" + - "off" + - "On" + - "on" + - "Disable" + - "disable" + - "Enable" + - "enable" + - "Disabled" + - "disabled" + - "Enabled" + - "enabled" + restart: + type: string + description: | + In case 'RollingUpdate' specified, the operator will always restart ClickHouse pods during reconcile. + This options is used in rare cases when force restart is required and is typically removed after the use in order to avoid unneeded restarts. + enum: + - "" + - "RollingUpdate" + troubleshoot: + <<: *TypeStringBool + description: | + Allows to troubleshoot Pods during CrashLoopBack state. + This may happen when wrong configuration applied, in this case `clickhouse-server` wouldn't start. + Command within ClickHouse container is modified with `sleep` in order to avoid quick restarts + and give time to troubleshoot via CLI. + Liveness and Readiness probes are disabled as well. + namespaceDomainPattern: + type: string + description: | + Custom domain pattern which will be used for DNS names of `Service` or `Pod`. + Typical use scenario - custom cluster domain in Kubernetes cluster + Example: %s.svc.my.test + templating: + type: object + # nullable: true + description: "Optional, defines policy for applying current ClickHouseInstallationTemplate to ClickHouseInstallation(s)" + properties: + policy: + type: string + description: | + When defined as `auto` inside ClickhouseInstallationTemplate, this ClickhouseInstallationTemplate + will be auto-added into ClickHouseInstallation, selectable by `chiSelector`. + Default value is `manual`, meaning ClickHouseInstallation should request this ClickhouseInstallationTemplate explicitly. + enum: + - "" + - "auto" + - "manual" + chiSelector: + type: object + description: "Optional, defines selector for ClickHouseInstallation(s) to be templated with ClickhouseInstallationTemplate" + # nullable: true + x-kubernetes-preserve-unknown-fields: true + reconciling: + type: object + description: "optional, allows tuning reconciling cycle for ClickhouseInstallation from clickhouse-operator side" + # nullable: true + properties: + policy: + type: string + description: DEPRECATED + configMapPropagationTimeout: + type: integer + description: | + Timeout in seconds for `clickhouse-operator` to wait for modified `ConfigMap` to propagate into the `Pod` + More details: https://kubernetes.io/docs/concepts/configuration/configmap/#mounted-configmaps-are-updated-automatically + minimum: 0 + maximum: 3600 + cleanup: + type: object + description: "optional, define behavior for cleanup Kubernetes resources during reconcile cycle" + # nullable: true + properties: + unknownObjects: + type: object + description: "what clickhouse-operator shall do when found Kubernetes resources which should be managed with clickhouse-operator, but not have `ownerReference` to any currently managed `ClickHouseInstallation` resource, default behavior is `Delete`" + # nullable: true + properties: + statefulSet: &TypeObjectsCleanup + type: string + description: "behavior policy for unknown StatefulSet, Delete by default" + enum: + # List ObjectsCleanupXXX constants from model + - "" + - "Retain" + - "Delete" + pvc: + type: string + <<: *TypeObjectsCleanup + description: "behavior policy for unknown PVC, Delete by default" + configMap: + <<: *TypeObjectsCleanup + description: "behavior policy for unknown ConfigMap, Delete by default" + service: + <<: *TypeObjectsCleanup + description: "behavior policy for unknown Service, Delete by default" + reconcileFailedObjects: + type: object + description: "what clickhouse-operator shall do when reconciling Kubernetes resources are failed, default behavior is `Retain`" + # nullable: true + properties: + statefulSet: + <<: *TypeObjectsCleanup + description: "behavior policy for failed StatefulSet reconciling, Retain by default" + pvc: + <<: *TypeObjectsCleanup + description: "behavior policy for failed PVC reconciling, Retain by default" + configMap: + <<: *TypeObjectsCleanup + description: "behavior policy for failed ConfigMap reconciling, Retain by default" + service: + <<: *TypeObjectsCleanup + description: "behavior policy for failed Service reconciling, Retain by default" + defaults: + type: object + description: | + define default behavior for whole ClickHouseInstallation, some behavior can be re-define on cluster, shard and replica level + More info: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specdefaults + # nullable: true + properties: + replicasUseFQDN: + <<: *TypeStringBool + description: | + define should replicas be specified by FQDN in ``. + In case of "no" will use short hostname and clickhouse-server will use kubernetes default suffixes for DNS lookup + "yes" by default + distributedDDL: + type: object + description: | + allows change `` settings + More info: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server-settings-distributed_ddl + # nullable: true + properties: + profile: + type: string + description: "Settings from this profile will be used to execute DDL queries" + storageManagement: + type: object + description: default storage management options + properties: + provisioner: &TypePVCProvisioner + type: string + description: "defines `PVC` provisioner - be it StatefulSet or the Operator" + enum: + - "" + - "StatefulSet" + - "Operator" + reclaimPolicy: &TypePVCReclaimPolicy + type: string + description: | + defines behavior of `PVC` deletion. + `Delete` by default, if `Retain` specified then `PVC` will be kept when deleting StatefulSet + enum: + - "" + - "Retain" + - "Delete" + templates: &TypeTemplateNames + type: object + description: "optional, configuration of the templates names which will use for generate Kubernetes resources according to one or more ClickHouse clusters described in current ClickHouseInstallation (chi) resource" + # nullable: true + properties: + hostTemplate: + type: string + description: "optional, template name from chi.spec.templates.hostTemplates, which will apply to configure every `clickhouse-server` instance during render ConfigMap resources which will mount into `Pod`" + podTemplate: + type: string + description: "optional, template name from chi.spec.templates.podTemplates, allows customization each `Pod` resource during render and reconcile each StatefulSet.spec resource described in `chi.spec.configuration.clusters`" + dataVolumeClaimTemplate: + type: string + description: "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse data directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`" + logVolumeClaimTemplate: + type: string + description: "optional, template name from chi.spec.templates.volumeClaimTemplates, allows customization each `PVC` which will mount for clickhouse log directory in each `Pod` during render and reconcile every StatefulSet.spec resource described in `chi.spec.configuration.clusters`" + serviceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for one `Service` resource which will created by `clickhouse-operator` which cover all clusters in whole `chi` resource" + clusterServiceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each clickhouse cluster described in `chi.spec.configuration.clusters`" + shardServiceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each shard inside clickhouse cluster described in `chi.spec.configuration.clusters`" + replicaServiceTemplate: + type: string + description: "optional, template name from chi.spec.templates.serviceTemplates, allows customization for each `Service` resource which will created by `clickhouse-operator` which cover each replica inside each shard inside each clickhouse cluster described in `chi.spec.configuration.clusters`" + volumeClaimTemplate: + type: string + description: "DEPRECATED! VolumeClaimTemplate is deprecated in favor of DataVolumeClaimTemplate and LogVolumeClaimTemplate" + configuration: + type: object + description: "allows configure multiple aspects and behavior for `clickhouse-server` instance and also allows describe multiple `clickhouse-server` clusters inside one `chi` resource" + # nullable: true + properties: + zookeeper: &TypeZookeeperConfig + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mounted in `/etc/clickhouse-server/config.d/` + `clickhouse-operator` itself doesn't manage Zookeeper, please install Zookeeper separatelly look examples on https://github.com/Altinity/clickhouse-operator/tree/master/deploy/zookeeper/ + currently, zookeeper (or clickhouse-keeper replacement) used for *ReplicatedMergeTree table engines and for `distributed_ddl` + More details: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#server-settings_zookeeper + # nullable: true + properties: + nodes: + type: array + description: "describe every available zookeeper cluster node for interaction" + # nullable: true + items: + type: object + #required: + # - host + properties: + host: + type: string + description: "dns name or ip address for Zookeeper node" + port: + type: integer + description: "TCP port which used to connect to Zookeeper node" + minimum: 0 + maximum: 65535 + secure: + <<: *TypeStringBool + description: "if a secure connection to Zookeeper is required" + session_timeout_ms: + type: integer + description: "session timeout during connect to Zookeeper" + operation_timeout_ms: + type: integer + description: "one operation timeout during Zookeeper transactions" + root: + type: string + description: "optional root znode path inside zookeeper to store ClickHouse related data (replication queue or distributed DDL)" + identity: + type: string + description: "optional access credentials string with `user:password` format used when use digest authorization in Zookeeper" + users: + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/` + you can configure password hashed, authorization restrictions, database level security row filters etc. + More details: https://clickhouse.tech/docs/en/operations/settings/settings-users/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationusers + # nullable: true + x-kubernetes-preserve-unknown-fields: true + profiles: + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/` + you can configure any aspect of settings profile + More details: https://clickhouse.tech/docs/en/operations/settings/settings-profiles/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationprofiles + # nullable: true + x-kubernetes-preserve-unknown-fields: true + quotas: + type: object + description: | + allows configure .. section in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/users.d/` + you can configure any aspect of resource quotas + More details: https://clickhouse.tech/docs/en/operations/quotas/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationquotas + # nullable: true + x-kubernetes-preserve-unknown-fields: true + settings: &TypeSettings + type: object + description: | + allows configure `clickhouse-server` settings inside ... tag in each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + Your yaml code will convert to XML, see examples https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#specconfigurationsettings + # nullable: true + x-kubernetes-preserve-unknown-fields: true + files: &TypeFiles + type: object + description: | + allows define content of any setting file inside each `Pod` during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + every key in this object is the file name + every value in this object is the file content + you can use `!!binary |` and base64 for binary files, see details here https://yaml.org/type/binary.html + each key could contains prefix like USERS, COMMON, HOST or config.d, users.d, cond.d, wrong prefixes will ignored, subfolders also will ignored + More details: https://github.com/Altinity/clickhouse-operator/blob/master/docs/chi-examples/05-settings-05-files-nested.yaml + # nullable: true + x-kubernetes-preserve-unknown-fields: true + clusters: + type: array + description: | + describes ClickHouse clusters layout and allows change settings on cluster-level, shard-level and replica-level + every cluster is a set of StatefulSet, one StatefulSet contains only one Pod with `clickhouse-server` + all Pods will rendered in part of ClickHouse configs, mounted from ConfigMap as `/etc/clickhouse-server/config.d/chop-generated-remote_servers.xml` + Clusters will use for Distributed table engine, more details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/ + If `cluster` contains zookeeper settings (could be inherited from top `chi` level), when you can create *ReplicatedMergeTree tables + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + type: string + description: "cluster name, used to identify set of ClickHouse servers and wide used during generate names of related Kubernetes resources" + minLength: 1 + # See namePartClusterMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + zookeeper: + <<: *TypeZookeeperConfig + description: | + optional, allows configure .. section in each `Pod` only in current ClickHouse cluster, during generate `ConfigMap` which will mounted in `/etc/clickhouse-server/config.d/` + override top-level `chi.spec.configuration.zookeeper` settings + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` only in one cluster during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` + override top-level `chi.spec.configuration.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` on current cluster during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected cluster + override top-level `chi.spec.configuration.templates` + schemaPolicy: + type: object + description: | + describes how schema is propagated within replicas and shards + properties: + replica: + type: string + description: "how schema is propagated within a replica" + enum: + # List SchemaPolicyReplicaXXX constants from model + - "" + - "None" + - "All" + shard: + type: string + description: "how schema is propagated between shards" + enum: + # List SchemaPolicyShardXXX constants from model + - "" + - "None" + - "All" + - "DistributedTablesOnly" + insecure: + <<: *TypeStringBool + description: optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: optional, open secure ports for cluster + secret: + type: object + description: "optional, shared secret value to secure cluster communications" + properties: + auto: + <<: *TypeStringBool + description: "Auto-generate shared secret value to secure cluster communications" + value: + description: "Cluster shared secret value in plain text" + type: string + valueFrom: + description: "Cluster shared secret source" + type: object + properties: + secretKeyRef: + description: | + Selects a key of a secret in the clickhouse installation namespace. + Should not be used if value is not empty. + type: object + properties: + name: + description: | + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - name + - key + layout: + type: object + description: | + describe current cluster layout, how much shards in cluster, how much replica in shard + allows override settings on each shard and replica separatelly + # nullable: true + properties: + type: + type: string + description: "DEPRECATED - to be removed soon" + shardsCount: + type: integer + description: "how much shards for current ClickHouse cluster will run in Kubernetes, each shard contains shared-nothing part of data and contains set of replicas, cluster contains 1 shard by default" + replicasCount: + type: integer + description: "how much replicas in each shards for current ClickHouse cluster will run in Kubernetes, each replica is a separate `StatefulSet` which contains only one `Pod` with `clickhouse-server` instance, every shard contains 1 replica by default" + shards: + type: array + description: "optional, allows override top-level `chi.spec.configuration`, cluster-level `chi.spec.configuration.clusters` settings for each shard separately, use it only if you fully understand what you do" + # nullable: true + items: + type: object + properties: + name: + type: string + description: "optional, by default shard name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartShardMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + definitionType: + type: string + description: "DEPRECATED - to be removed soon" + weight: + type: integer + description: | + optional, 1 by default, allows setup shard setting which will use during insert into tables with `Distributed` engine, + will apply in inside ConfigMap which will mount in /etc/clickhouse-server/config.d/chop-generated-remote_servers.xml + More details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/ + internalReplication: + <<: *TypeStringBool + description: | + optional, `true` by default when `chi.spec.configuration.clusters[].layout.ReplicaCount` > 1 and 0 otherwise + allows setup setting which will use during insert into tables with `Distributed` engine for insert only in one live replica and other replicas will download inserted data during replication, + will apply in inside ConfigMap which will mount in /etc/clickhouse-server/config.d/chop-generated-remote_servers.xml + More details: https://clickhouse.tech/docs/en/engines/table-engines/special/distributed/ + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` only in one shard during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` + override top-level `chi.spec.configuration.settings` and cluster-level `chi.spec.configuration.clusters.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` only in one shard during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files` + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected shard + override top-level `chi.spec.configuration.templates` and cluster-level `chi.spec.configuration.clusters.templates` + replicasCount: + type: integer + description: | + optional, how much replicas in selected shard for selected ClickHouse cluster will run in Kubernetes, each replica is a separate `StatefulSet` which contains only one `Pod` with `clickhouse-server` instance, + shard contains 1 replica by default + override cluster-level `chi.spec.configuration.clusters.layout.replicasCount` + minimum: 1 + replicas: + type: array + description: | + optional, allows override behavior for selected replicas from cluster-level `chi.spec.configuration.clusters` and shard-level `chi.spec.configuration.clusters.layout.shards` + # nullable: true + items: + # Host + type: object + properties: + name: + type: string + description: "optional, by default replica name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartReplicaMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + insecure: + <<: *TypeStringBool + description: | + optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: | + optional, open secure ports + tcpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `tcp` for selected replica, override `chi.spec.templates.hostTemplates.spec.tcpPort` + allows connect to `clickhouse-server` via TCP Native protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + tlsPort: + type: integer + minimum: 1 + maximum: 65535 + httpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `http` for selected replica, override `chi.spec.templates.hostTemplates.spec.httpPort` + allows connect to `clickhouse-server` via HTTP protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + httpsPort: + type: integer + minimum: 1 + maximum: 65535 + interserverHTTPPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `interserver` for selected replica, override `chi.spec.templates.hostTemplates.spec.interserverHTTPPort` + allows connect between replicas inside same shard during fetch replicated data parts HTTP protocol + minimum: 1 + maximum: 65535 + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + override top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and shard-level `chi.spec.configuration.clusters.layout.shards.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files`, cluster-level `chi.spec.configuration.clusters.files` and shard-level `chi.spec.configuration.clusters.layout.shards.files` + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica + override top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates` and shard-level `chi.spec.configuration.clusters.layout.shards.templates` + replicas: + type: array + description: "optional, allows override top-level `chi.spec.configuration` and cluster-level `chi.spec.configuration.clusters` configuration for each replica and each shard relates to selected replica, use it only if you fully understand what you do" + # nullable: true + items: + type: object + properties: + name: + type: string + description: "optional, by default replica name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartShardMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + override top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and will ignore if shard-level `chi.spec.configuration.clusters.layout.shards` present + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` only in one replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`, will ignore if `chi.spec.configuration.clusters.layout.shards` presents + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica + override top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates` + shardsCount: + type: integer + description: "optional, count of shards related to current replica, you can override each shard behavior on low-level `chi.spec.configuration.clusters.layout.replicas.shards`" + minimum: 1 + shards: + type: array + description: "optional, list of shards related to current replica, will ignore if `chi.spec.configuration.clusters.layout.shards` presents" + # nullable: true + items: + # Host + type: object + properties: + name: + type: string + description: "optional, by default shard name is generated, but you can override it and setup custom name" + minLength: 1 + # See namePartReplicaMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + insecure: + <<: *TypeStringBool + description: | + optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: | + optional, open secure ports + tcpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `tcp` for selected shard, override `chi.spec.templates.hostTemplates.spec.tcpPort` + allows connect to `clickhouse-server` via TCP Native protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + tlsPort: + type: integer + minimum: 1 + maximum: 65535 + httpPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `http` for selected shard, override `chi.spec.templates.hostTemplates.spec.httpPort` + allows connect to `clickhouse-server` via HTTP protocol via kubernetes `Service` + minimum: 1 + maximum: 65535 + httpsPort: + type: integer + minimum: 1 + maximum: 65535 + interserverHTTPPort: + type: integer + description: | + optional, setup `Pod.spec.containers.ports` with name `interserver` for selected shard, override `chi.spec.templates.hostTemplates.spec.interserverHTTPPort` + allows connect between replicas inside same shard during fetch replicated data parts HTTP protocol + minimum: 1 + maximum: 65535 + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in `Pod` only in one shard related to current replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + override top-level `chi.spec.configuration.settings`, cluster-level `chi.spec.configuration.clusters.settings` and replica-level `chi.spec.configuration.clusters.layout.replicas.settings` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` only in one shard related to current replica during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + override top-level `chi.spec.configuration.files` and cluster-level `chi.spec.configuration.clusters.files`, will ignore if `chi.spec.configuration.clusters.layout.shards` presents + templates: + <<: *TypeTemplateNames + description: | + optional, configuration of the templates names which will use for generate Kubernetes resources according to selected replica + override top-level `chi.spec.configuration.templates`, cluster-level `chi.spec.configuration.clusters.templates`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates` + templates: + type: object + description: "allows define templates which will use for render Kubernetes resources like StatefulSet, ConfigMap, Service, PVC, by default, clickhouse-operator have own templates, but you can override it" + # nullable: true + properties: + hostTemplates: + type: array + description: "hostTemplate will use during apply to generate `clickhose-server` config files" + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + description: "template name, could use to link inside top-level `chi.spec.defaults.templates.hostTemplate`, cluster-level `chi.spec.configuration.clusters.templates.hostTemplate`, shard-level `chi.spec.configuration.clusters.layout.shards.temlates.hostTemplate`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates.hostTemplate`" + type: string + portDistribution: + type: array + description: "define how will distribute numeric values of named ports in `Pod.spec.containers.ports` and clickhouse-server configs" + # nullable: true + items: + type: object + #required: + # - type + properties: + type: + type: string + description: "type of distribution, when `Unspecified` (default value) then all listen ports on clickhouse-server configuration in all Pods will have the same value, when `ClusterScopeIndex` then ports will increment to offset from base value depends on shard and replica index inside cluster with combination of `chi.spec.templates.podTemlates.spec.HostNetwork` it allows setup ClickHouse cluster inside Kubernetes and provide access via external network bypass Kubernetes internal network" + enum: + # List PortDistributionXXX constants + - "" + - "Unspecified" + - "ClusterScopeIndex" + spec: + # Host + type: object + properties: + name: + type: string + description: "by default, hostname will generate, but this allows define custom name for each `clickhuse-server`" + minLength: 1 + # See namePartReplicaMaxLen const + maxLength: 15 + pattern: "^[a-zA-Z0-9-]{0,15}$" + insecure: + <<: *TypeStringBool + description: | + optional, open insecure ports for cluster, defaults to "yes" + secure: + <<: *TypeStringBool + description: | + optional, open secure ports + tcpPort: + type: integer + description: | + optional, setup `tcp_port` inside `clickhouse-server` settings for each Pod where current template will apply + if specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=tcp]` + More info: https://clickhouse.tech/docs/en/interfaces/tcp/ + minimum: 1 + maximum: 65535 + tlsPort: + type: integer + minimum: 1 + maximum: 65535 + httpPort: + type: integer + description: | + optional, setup `http_port` inside `clickhouse-server` settings for each Pod where current template will apply + if specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=http]` + More info: https://clickhouse.tech/docs/en/interfaces/http/ + minimum: 1 + maximum: 65535 + httpsPort: + type: integer + minimum: 1 + maximum: 65535 + interserverHTTPPort: + type: integer + description: | + optional, setup `interserver_http_port` inside `clickhouse-server` settings for each Pod where current template will apply + if specified, should have equal value with `chi.spec.templates.podTemplates.spec.containers.ports[name=interserver]` + More info: https://clickhouse.tech/docs/en/operations/server-configuration-parameters/settings/#interserver-http-port + minimum: 1 + maximum: 65535 + settings: + <<: *TypeSettings + description: | + optional, allows configure `clickhouse-server` settings inside ... tag in each `Pod` where this template will apply during generate `ConfigMap` which will mount in `/etc/clickhouse-server/conf.d/` + More details: https://clickhouse.tech/docs/en/operations/settings/settings/ + files: + <<: *TypeFiles + description: | + optional, allows define content of any setting file inside each `Pod` where this template will apply during generate `ConfigMap` which will mount in `/etc/clickhouse-server/config.d/` or `/etc/clickhouse-server/conf.d/` or `/etc/clickhouse-server/users.d/` + templates: + <<: *TypeTemplateNames + description: "be careful, this part of CRD allows override template inside template, don't use it if you don't understand what you do" + + podTemplates: + type: array + description: | + podTemplate will use during render `Pod` inside `StatefulSet.spec` and allows define rendered `Pod.spec`, pod scheduling distribution and pod zone + More information: https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatespodtemplates + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + type: string + description: "template name, could use to link inside top-level `chi.spec.defaults.templates.podTemplate`, cluster-level `chi.spec.configuration.clusters.templates.podTemplate`, shard-level `chi.spec.configuration.clusters.layout.shards.temlates.podTemplate`, replica-level `chi.spec.configuration.clusters.layout.replicas.templates.podTemplate`" + generateName: + type: string + description: "allows define format for generated `Pod` name, look to https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatesservicetemplates for details about aviailable template variables" + zone: + type: object + description: "allows define custom zone name and will separate ClickHouse `Pods` between nodes, shortcut for `chi.spec.templates.podTemplates.spec.affinity.podAntiAffinity`" + #required: + # - values + properties: + key: + type: string + description: "optional, if defined, allows select kubernetes nodes by label with `name` equal `key`" + values: + type: array + description: "optional, if defined, allows select kubernetes nodes by label with `value` in `values`" + # nullable: true + items: + type: string + distribution: + type: string + description: "DEPRECATED, shortcut for `chi.spec.templates.podTemplates.spec.affinity.podAntiAffinity`" + enum: + - "" + - "Unspecified" + - "OnePerHost" + podDistribution: + type: array + description: "define ClickHouse Pod distribution policy between Kubernetes Nodes inside Shard, Replica, Namespace, CHI, another ClickHouse cluster" + # nullable: true + items: + type: object + #required: + # - type + properties: + type: + type: string + description: "you can define multiple affinity policy types" + enum: + # List PodDistributionXXX constants + - "" + - "Unspecified" + - "ClickHouseAntiAffinity" + - "ShardAntiAffinity" + - "ReplicaAntiAffinity" + - "AnotherNamespaceAntiAffinity" + - "AnotherClickHouseInstallationAntiAffinity" + - "AnotherClusterAntiAffinity" + - "MaxNumberPerNode" + - "NamespaceAffinity" + - "ClickHouseInstallationAffinity" + - "ClusterAffinity" + - "ShardAffinity" + - "ReplicaAffinity" + - "PreviousTailAffinity" + - "CircularReplication" + scope: + type: string + description: "scope for apply each podDistribution" + enum: + # list PodDistributionScopeXXX constants + - "" + - "Unspecified" + - "Shard" + - "Replica" + - "Cluster" + - "ClickHouseInstallation" + - "Namespace" + number: + type: integer + description: "define, how much ClickHouse Pods could be inside selected scope with selected distribution type" + minimum: 0 + maximum: 65535 + topologyKey: + type: string + description: "use for inter-pod affinity look to `pod.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.topologyKey`, More info: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity" + spec: + # TODO specify PodSpec + type: object + description: "allows define whole Pod.spec inside StaefulSet.spec, look to https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates for details" + # nullable: true + x-kubernetes-preserve-unknown-fields: true + metadata: + type: object + description: | + allows pass standard object's metadata from template to Pod + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + # nullable: true + x-kubernetes-preserve-unknown-fields: true + + volumeClaimTemplates: + type: array + description: "allows define template for rendering `PVC` kubernetes resource, which would use inside `Pod` for mount clickhouse `data`, clickhouse `logs` or something else" + # nullable: true + items: + type: object + #required: + # - name + # - spec + properties: + name: + type: string + description: | + template name, could use to link inside + top-level `chi.spec.defaults.templates.dataVolumeClaimTemplate` or `chi.spec.defaults.templates.logVolumeClaimTemplate`, + cluster-level `chi.spec.configuration.clusters.templates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.templates.logVolumeClaimTemplate`, + shard-level `chi.spec.configuration.clusters.layout.shards.temlates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.layout.shards.temlates.logVolumeClaimTemplate` + replica-level `chi.spec.configuration.clusters.layout.replicas.templates.dataVolumeClaimTemplate` or `chi.spec.configuration.clusters.layout.replicas.templates.logVolumeClaimTemplate` + provisioner: *TypePVCProvisioner + reclaimPolicy: *TypePVCReclaimPolicy + metadata: + type: object + description: | + allows to pass standard object's metadata from template to PVC + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + # nullable: true + x-kubernetes-preserve-unknown-fields: true + spec: + type: object + description: | + allows define all aspects of `PVC` resource + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims + # nullable: true + x-kubernetes-preserve-unknown-fields: true + serviceTemplates: + type: array + description: | + allows define template for rendering `Service` which would get endpoint from Pods which scoped chi-wide, cluster-wide, shard-wide, replica-wide level + # nullable: true + items: + type: object + #required: + # - name + # - spec + properties: + name: + type: string + description: | + template name, could use to link inside + chi-level `chi.spec.defaults.templates.serviceTemplate` + cluster-level `chi.spec.configuration.clusters.templates.clusterServiceTemplate` + shard-level `chi.spec.configuration.clusters.layout.shards.temlates.shardServiceTemplate` + replica-level `chi.spec.configuration.clusters.layout.replicas.templates.replicaServiceTemplate` or `chi.spec.configuration.clusters.layout.shards.replicas.replicaServiceTemplate` + generateName: + type: string + description: "allows define format for generated `Service` name, look to https://github.com/Altinity/clickhouse-operator/blob/master/docs/custom_resource_explained.md#spectemplatesservicetemplates for details about aviailable template variables" + metadata: + # TODO specify ObjectMeta + type: object + description: | + allows pass standard object's metadata from template to Service + Could be use for define specificly for Cloud Provider metadata which impact to behavior of service + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + # nullable: true + x-kubernetes-preserve-unknown-fields: true + spec: + # TODO specify ServiceSpec + type: object + description: | + describe behavior of generated Service + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + # nullable: true + x-kubernetes-preserve-unknown-fields: true + useTemplates: + type: array + description: "list of `ClickHouseInstallationTemplate` (chit) resource names which will merge with current `Chi` manifest during render Kubernetes resources to create related ClickHouse clusters" + # nullable: true + items: + type: object + #required: + # - name + properties: + name: + type: string + description: "name of `ClickHouseInstallationTemplate` (chit) resource" + namespace: + type: string + description: "Kubernetes namespace where need search `chit` resource, depending on `watchNamespaces` settings in `clichouse-operator`" + useType: + type: string + description: "optional, current strategy is only merge, and current `chi` settings have more priority than merged template `chit`" + enum: + # List useTypeXXX constants from model + - "" + - "merge" +--- +# Template Parameters: +# +# NONE +# +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clickhouseoperatorconfigurations.clickhouse.altinity.com + labels: + clickhouse.altinity.com/chop: 0.22.2 +spec: + group: clickhouse.altinity.com + scope: Namespaced + names: + kind: ClickHouseOperatorConfiguration + singular: clickhouseoperatorconfiguration + plural: clickhouseoperatorconfigurations + shortNames: + - chopconf + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: namespaces + type: string + description: Watch namespaces + jsonPath: .status + - name: age + type: date + description: Age of the resource + # Displayed in all priorities + jsonPath: .metadata.creationTimestamp + schema: + openAPIV3Schema: + type: object + description: "allows customize `clickhouse-operator` settings, need restart clickhouse-operator pod after adding, more details https://github.com/Altinity/clickhouse-operator/blob/master/docs/operator_configuration.md" + x-kubernetes-preserve-unknown-fields: true + properties: + status: + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + type: object + description: | + Allows to define settings of the clickhouse-operator. + More info: https://github.com/Altinity/clickhouse-operator/blob/master/config/config.yaml + Check into etc-clickhouse-operator* ConfigMaps if you need more control + x-kubernetes-preserve-unknown-fields: true + properties: + watch: + type: object + description: "Parameters for watch kubernetes resources which used by clickhouse-operator deployment" + properties: + namespaces: + type: array + description: "List of namespaces where clickhouse-operator watches for events." + items: + type: string + clickhouse: + type: object + description: "Clickhouse related parameters used by clickhouse-operator" + properties: + configuration: + type: object + properties: + file: + type: object + properties: + path: + type: object + properties: + common: + type: string + description: "Path to the folder where ClickHouse configuration files common for all instances within a CHI are located. Default - config.d" + host: + type: string + description: "Path to the folder where ClickHouse configuration files unique for each instance (host) within a CHI are located. Default - conf.d" + user: + type: string + description: "Path to the folder where ClickHouse configuration files with users settings are located. Files are common for all instances within a CHI. Default - users.d" + user: + type: object + description: "Default parameters for any user which will create" + properties: + default: + type: object + properties: + profile: + type: string + description: "ClickHouse server configuration `...` for any " + quota: + type: string + description: "ClickHouse server configuration `...` for any " + networksIP: + type: array + description: "ClickHouse server configuration `...` for any " + items: + type: string + password: + type: string + description: "ClickHouse server configuration `...` for any " + network: + type: object + description: "Default network parameters for any user which will create" + properties: + hostRegexpTemplate: + type: string + description: "ClickHouse server configuration `...` for any " + configurationRestartPolicy: + type: object + description: "Configuration restart policy describes what configuration changes require ClickHouse restart" + properties: + rules: + type: array + description: "Array of set of rules per specified ClickHouse versions" + items: + type: object + properties: + version: + type: string + description: "ClickHouse version expression" + rules: + type: array + description: "Set of configuration rules for specified ClickHouse version" + items: + type: object + description: "setting: value pairs for configuration restart policy" + access: + type: object + description: "parameters which use for connect to clickhouse from clickhouse-operator deployment" + properties: + scheme: + type: string + description: "The scheme to user for connecting to ClickHouse. Possible values: http, https, auto" + username: + type: string + description: "ClickHouse username to be used by operator to connect to ClickHouse instances, deprecated, use chCredentialsSecretName" + password: + type: string + description: "ClickHouse password to be used by operator to connect to ClickHouse instances, deprecated, use chCredentialsSecretName" + rootCA: + type: string + description: "Root certificate authority that clients use when verifying server certificates. Used for https connection to ClickHouse" + secret: + type: object + properties: + namespace: + type: string + description: "Location of k8s Secret with username and password to be used by operator to connect to ClickHouse instances" + name: + type: string + description: "Name of k8s Secret with username and password to be used by operator to connect to ClickHouse instances" + port: + type: integer + minimum: 1 + maximum: 65535 + description: "Port to be used by operator to connect to ClickHouse instances" + timeouts: + type: object + description: "Timeouts used to limit connection and queries from the operator to ClickHouse instances, In seconds" + properties: + connect: + type: integer + minimum: 1 + maximum: 10 + description: "Timout to setup connection from the operator to ClickHouse instances. In seconds." + query: + type: integer + minimum: 1 + maximum: 600 + description: "Timout to perform SQL query from the operator to ClickHouse instances. In seconds." + metrics: + type: object + description: "parameters which use for connect to fetch metrics from clickhouse by clickhouse-operator" + properties: + timeouts: + type: object + description: | + Timeouts used to limit connection and queries from the metrics exporter to ClickHouse instances + Specified in seconds. + properties: + collect: + type: integer + minimum: 1 + maximum: 600 + description: | + Timeout used to limit metrics collection request. In seconds. + Upon reaching this timeout metrics collection is aborted and no more metrics are collected in this cycle. + All collected metrics are returned. + template: + type: object + description: "Parameters which are used if you want to generate ClickHouseInstallationTemplate custom resources from files which are stored inside clickhouse-operator deployment" + properties: + chi: + type: object + properties: + policy: + type: string + description: | + CHI template updates handling policy + Possible policy values: + - ReadOnStart. Accept CHIT updates on the operators start only. + - ApplyOnNextReconcile. Accept CHIT updates at all time. Apply news CHITs on next regular reconcile of the CHI + enum: + - "" + - "ReadOnStart" + - "ApplyOnNextReconcile" + path: + type: string + description: "Path to folder where ClickHouseInstallationTemplate .yaml manifests are located." + reconcile: + type: object + description: "allow tuning reconciling process" + properties: + runtime: + type: object + description: "runtime parameters for clickhouse-operator process which are used during reconcile cycle" + properties: + reconcileCHIsThreadsNumber: + type: integer + minimum: 1 + maximum: 65535 + description: "How many goroutines will be used to reconcile CHIs in parallel, 10 by default" + reconcileShardsThreadsNumber: + type: integer + minimum: 1 + maximum: 65535 + description: "How many goroutines will be used to reconcile shards of a cluster in parallel, 1 by default" + reconcileShardsMaxConcurrencyPercent: + type: integer + minimum: 0 + maximum: 100 + description: "The maximum percentage of cluster shards that may be reconciled in parallel, 50 percent by default." + statefulSet: + type: object + description: "Allow change default behavior for reconciling StatefulSet which generated by clickhouse-operator" + properties: + create: + type: object + description: "Behavior during create StatefulSet" + properties: + onFailure: + type: string + description: | + What to do in case created StatefulSet is not in Ready after `statefulSetUpdateTimeout` seconds + Possible options: + 1. abort - do nothing, just break the process and wait for admin. + 2. delete - delete newly created problematic StatefulSet. + 3. ignore (default) - ignore error, pretend nothing happened and move on to the next StatefulSet. + update: + type: object + description: "Behavior during update StatefulSet" + properties: + timeout: + type: integer + description: "How many seconds to wait for created/updated StatefulSet to be Ready" + pollInterval: + type: integer + description: "How many seconds to wait between checks for created/updated StatefulSet status" + onFailure: + type: string + description: | + What to do in case updated StatefulSet is not in Ready after `statefulSetUpdateTimeout` seconds + Possible options: + 1. abort - do nothing, just break the process and wait for admin. + 2. rollback (default) - delete Pod and rollback StatefulSet to previous Generation. Pod would be recreated by StatefulSet based on rollback-ed configuration. + 3. ignore - ignore error, pretend nothing happened and move on to the next StatefulSet. + host: + type: object + description: | + Whether the operator during reconcile procedure should wait for a ClickHouse host: + - to be excluded from a ClickHouse cluster + - to complete all running queries + - to be included into a ClickHouse cluster + respectfully before moving forward + + properties: + wait: + type: object + properties: + exclude: &TypeStringBool + type: string + description: "Whether the operator during reconcile procedure should wait for a ClickHouse host to be excluded from a ClickHouse cluster" + enum: + # List StringBoolXXX constants from model + - "" + - "0" + - "1" + - "False" + - "false" + - "True" + - "true" + - "No" + - "no" + - "Yes" + - "yes" + - "Off" + - "off" + - "On" + - "on" + - "Disable" + - "disable" + - "Enable" + - "enable" + - "Disabled" + - "disabled" + - "Enabled" + - "enabled" + queries: + <<: *TypeStringBool + description: "Whether the operator during reconcile procedure should wait for a ClickHouse host to complete all running queries" + include: + <<: *TypeStringBool + description: "Whether the operator during reconcile procedure should wait for a ClickHouse host to be included into a ClickHouse cluster" + annotation: + type: object + description: "defines which metadata.annotations items will include or exclude during render StatefulSet, Pod, PVC resources" + properties: + include: + type: array + description: | + When propagating labels from the chi's `metadata.annotations` section to child objects' `metadata.annotations`, + include annotations with names from the following list + items: + type: string + exclude: + type: array + description: | + When propagating labels from the chi's `metadata.annotations` section to child objects' `metadata.annotations`, + exclude annotations with names from the following list + items: + type: string + label: + type: object + description: "defines which metadata.labels will include or exclude during render StatefulSet, Pod, PVC resources" + properties: + include: + type: array + description: | + When propagating labels from the chi's `metadata.labels` section to child objects' `metadata.labels`, + include labels from the following list + items: + type: string + exclude: + type: array + items: + type: string + description: | + When propagating labels from the chi's `metadata.labels` section to child objects' `metadata.labels`, + exclude labels from the following list + appendScope: + <<: *TypeStringBool + description: | + Whether to append *Scope* labels to StatefulSet and Pod + - "LabelShardScopeIndex" + - "LabelReplicaScopeIndex" + - "LabelCHIScopeIndex" + - "LabelCHIScopeCycleSize" + - "LabelCHIScopeCycleIndex" + - "LabelCHIScopeCycleOffset" + - "LabelClusterScopeIndex" + - "LabelClusterScopeCycleSize" + - "LabelClusterScopeCycleIndex" + - "LabelClusterScopeCycleOffset" + statefulSet: + type: object + description: "define StatefulSet-specific parameters" + properties: + revisionHistoryLimit: + type: integer + description: | + revisionHistoryLimit is the maximum number of revisions that will be + maintained in the StatefulSet's revision history. + Look details in `statefulset.spec.revisionHistoryLimit` + pod: + type: object + description: "define pod specific parameters" + properties: + terminationGracePeriod: + type: integer + description: | + Optional duration in seconds the pod needs to terminate gracefully. + Look details in `pod.spec.terminationGracePeriodSeconds` + logger: + type: object + description: "allow setup clickhouse-operator logger behavior" + properties: + logtostderr: + type: string + description: "boolean, allows logs to stderr" + alsologtostderr: + type: string + description: "boolean allows logs to stderr and files both" + v: + type: string + description: "verbosity level of clickhouse-operator log, default - 1 max - 9" + stderrthreshold: + type: string + vmodule: + type: string + description: | + Comma-separated list of filename=N, where filename (can be a pattern) must have no .go ext, and N is a V level. + Ex.: file*=2 sets the 'V' to 2 in all files with names like file*. + log_backtrace_at: + type: string + description: | + It can be set to a file and line number with a logging line. + Ex.: file.go:123 + Each time when this line is being executed, a stack trace will be written to the Info log. +--- +# Template Parameters: +# +# COMMENT= +# NAMESPACE=kube-system +# NAME=clickhouse-operator +# +# Setup ServiceAccount +apiVersion: v1 +kind: ServiceAccount +metadata: + name: clickhouse-operator + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 +--- +# Template Parameters: +# +# NAMESPACE=kube-system +# COMMENT=# +# ROLE_KIND=ClusterRole +# ROLE_NAME=clickhouse-operator-kube-system +# ROLE_BINDING_KIND=ClusterRoleBinding +# ROLE_BINDING_NAME=clickhouse-operator-kube-system +# +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: clickhouse-operator-kube-system + #namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 +rules: +- apiGroups: + - "" + resources: + - configmaps + - services + - persistentvolumeclaims + - secrets + verbs: + - get + - list + - patch + - update + - watch + - create + - delete +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - patch + - update + - watch + - delete +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - patch + - update + - watch + - create + - delete +- apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - patch + - update + - delete +- apiGroups: + - apps + resourceNames: + - clickhouse-operator + resources: + - deployments + verbs: + - get + - patch + - update + - delete +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - patch + - update + - watch + - create + - delete +- apiGroups: + - clickhouse.altinity.com + resources: + - clickhouseinstallations + verbs: + - get + - patch + - update + - delete +- apiGroups: + - clickhouse.altinity.com + resources: + - clickhouseinstallations + - clickhouseinstallationtemplates + - clickhouseoperatorconfigurations + verbs: + - get + - list + - watch +- apiGroups: + - clickhouse.altinity.com + resources: + - clickhouseinstallations/finalizers + - clickhouseinstallationtemplates/finalizers + - clickhouseoperatorconfigurations/finalizers + verbs: + - update +- apiGroups: + - clickhouse.altinity.com + resources: + - clickhouseinstallations/status + - clickhouseinstallationtemplates/status + - clickhouseoperatorconfigurations/status + verbs: + - get + - update + - patch + - create + - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list +--- +# Setup ClusterRoleBinding between ClusterRole and ServiceAccount. +# ClusterRoleBinding is namespace-less and must have unique name +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: clickhouse-operator-kube-system + #namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: clickhouse-operator-kube-system +subjects: +- kind: ServiceAccount + name: clickhouse-operator + namespace: acto-clickhouse +--- +# Template Parameters: +# +# NAME=etc-clickhouse-operator-files +# NAMESPACE=kube-system +# COMMENT= +# +apiVersion: v1 +kind: ConfigMap +metadata: + name: etc-clickhouse-operator-files + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +data: + config.yaml: | + # IMPORTANT + # This file is auto-generated + # Do not edit this file - all changes would be lost + # Edit appropriate template in the following folder: + # deploy/builder/templates-config + # IMPORTANT + # + # Template parameters available: + # WATCH_NAMESPACES= + # CH_USERNAME_PLAIN= + # CH_PASSWORD_PLAIN= + # CH_CREDENTIALS_SECRET_NAMESPACE= + # CH_CREDENTIALS_SECRET_NAME=clickhouse-operator + + ################################################ + ## + ## Watch section + ## + ################################################ + watch: + # List of namespaces where clickhouse-operator watches for events. + # Concurrently running operators should watch on different namespaces. + # IMPORTANT + # Regexp is applicable. + #namespaces: ["dev", "test"] + namespaces: [] + + clickhouse: + configuration: + ################################################ + ## + ## Configuration files section + ## + ################################################ + file: + path: + # Path to the folder where ClickHouse configuration files common for all instances within a CHI are located. + common: config.d + # Path to the folder where ClickHouse configuration files unique for each instance (host) within a CHI are located. + host: conf.d + # Path to the folder where ClickHouse configuration files with users' settings are located. + # Files are common for all instances within a CHI. + user: users.d + ################################################ + ## + ## Configuration users section + ## + ################################################ + user: + # Default settings for user accounts, created by the operator. + # IMPORTANT. These are not access credentials or settings for 'default' user account, + # it is a template for filling out missing fields for all user accounts to be created by the operator, + # with the following EXCEPTIONS: + # 1. 'default' user account DOES NOT use provided password, but uses all the rest of the fields. + # Password for 'default' user account has to be provided explicitly, if to be used. + # 2. CHOP user account DOES NOT use: + # - profile setting. It uses predefined profile called 'clickhouse_operator' + # - quota setting. It uses empty quota name. + # - networks IP setting. Operator specifies 'networks/ip' user setting to match operators' pod IP only. + # - password setting. Password for CHOP account is used from 'clickhouse.access.*' section + default: + # Default values for ClickHouse user account(s) created by the operator + # 1. user/profile - string + # 2. user/quota - string + # 3. user/networks/ip - multiple strings + # 4. user/password - string + # These values can be overwritten on per-user basis. + profile: "default" + quota: "default" + networksIP: + - "::1" + - "127.0.0.1" + password: "default" + ################################################ + ## + ## Configuration network section + ## + ################################################ + network: + # Default host_regexp to limit network connectivity from outside + hostRegexpTemplate: "(chi-{chi}-[^.]+\\d+-\\d+|clickhouse\\-{chi})\\.{namespace}\\.svc\\.cluster\\.local$" + + ################################################ + ## + ## Configuration restart policy section + ## Configuration restart policy describes what configuration changes require ClickHouse restart + ## + ################################################ + configurationRestartPolicy: + rules: + # IMPORTANT! + # Default version will also be used in case ClickHouse version is unknown. + # ClickHouse version may be unknown due to host being down - for example, because of incorrect "settings" section. + # ClickHouse is not willing to start in case incorrect/unknown settings are provided in config file. + - version: "*" + rules: + - settings/*: "yes" + - settings/dictionaries_config: "no" + - settings/logger: "no" + - settings/macros/*: "no" + - settings/max_server_memory_*: "no" + - settings/max_*_to_drop: "no" + - settings/max_concurrent_queries: "no" + - settings/models_config: "no" + - settings/user_defined_executable_functions_config: "no" + + - zookeeper/*: "yes" + + - files/*.xml: "yes" + - files/config.d/*.xml: "yes" + - files/config.d/*dict*.xml: "no" + + - profiles/default/background_*_pool_size: "yes" + - profiles/default/max_*_for_server: "yes" + - version: "21.*" + rules: + - settings/logger: "yes" + + ################################################# + ## + ## Access to ClickHouse instances + ## + ################################################ + access: + # Possible values for 'scheme' are: + # 1. http - force http to be used to connect to ClickHouse instances + # 2. https - force https to be used to connect to ClickHouse instances + # 3. auto - either http or https is selected based on open ports + scheme: "auto" + # ClickHouse credentials (username, password and port) to be used by the operator to connect to ClickHouse instances. + # These credentials are used for: + # 1. Metrics requests + # 2. Schema maintenance + # 3. DROP DNS CACHE + # User with these credentials can be specified in additional ClickHouse .xml config files, + # located in 'clickhouse.configuration.file.path.user' folder + username: "" + password: "" + rootCA: "" + + # Location of the k8s Secret with username and password to be used by the operator to connect to ClickHouse instances. + # Can be used instead of explicitly specified username and password available in sections: + # - clickhouse.access.username + # - clickhouse.access.password + # Secret should have two keys: + # 1. username + # 2. password + secret: + # Empty `namespace` means that k8s secret would be looked in the same namespace where operator's pod is running. + namespace: "" + # Empty `name` means no k8s Secret would be looked for + name: "clickhouse-operator" + # Port where to connect to ClickHouse instances to + port: 8123 + + # Timeouts used to limit connection and queries from the operator to ClickHouse instances + # Specified in seconds. + timeouts: + # Timout to setup connection from the operator to ClickHouse instances. In seconds. + connect: 1 + # Timout to perform SQL query from the operator to ClickHouse instances. In seconds. + query: 4 + + ################################################# + ## + ## Metrics collection + ## + ################################################ + + metrics: + # Timeouts used to limit connection and queries from the metrics exporter to ClickHouse instances + # Specified in seconds. + timeouts: + # Timeout used to limit metrics collection request. In seconds. + # Upon reaching this timeout metrics collection is aborted and no more metrics are collected in this cycle. + # All collected metrics are returned. + collect: 9 + + ################################################ + ## + ## Template(s) management section + ## + ################################################ + template: + chi: + # CHI template updates handling policy + # Possible policy values: + # - ReadOnStart. Accept CHIT updates on the operators start only. + # - ApplyOnNextReconcile. Accept CHIT updates at all time. Apply news CHITs on next regular reconcile of the CHI + policy: ApplyOnNextReconcile + + # Path to the folder where ClickHouseInstallation templates .yaml manifests are located. + # Templates are added to the list of all templates and used when CHI is reconciled. + # Templates are applied in sorted alpha-numeric order. + path: templates.d + + ################################################ + ## + ## Reconcile section + ## + ################################################ + reconcile: + # Reconcile runtime settings + runtime: + # Max number of concurrent CHI reconciles in progress + reconcileCHIsThreadsNumber: 10 + + # The operator reconciles shards concurrently in each CHI with the following limitations: + # 1. Number of shards being reconciled (and thus having hosts down) in each CHI concurrently + # can not be greater than 'reconcileShardsThreadsNumber'. + # 2. Percentage of shards being reconciled (and thus having hosts down) in each CHI concurrently + # can not be greater than 'reconcileShardsMaxConcurrencyPercent'. + # 3. The first shard is always reconciled alone. Concurrency starts from the second shard and onward. + # Thus limiting number of shards being reconciled (and thus having hosts down) in each CHI by both number and percentage + + # Max number of concurrent shard reconciles within one CHI in progress + reconcileShardsThreadsNumber: 5 + # Max percentage of concurrent shard reconciles within one CHI in progress + reconcileShardsMaxConcurrencyPercent: 50 + + # Reconcile StatefulSet scenario + statefulSet: + # Create StatefulSet scenario + create: + # What to do in case created StatefulSet is not in 'Ready' after `reconcile.statefulSet.update.timeout` seconds + # Possible options: + # 1. abort - abort the process, do nothing with the problematic StatefulSet, leave it as it is, + # do not try to fix or delete or update it, just abort reconcile cycle. + # Do not proceed to the next StatefulSet(s) and wait for an admin to assist. + # 2. delete - delete newly created problematic StatefulSet and follow 'abort' path afterwards. + # 3. ignore - ignore an error, pretend nothing happened, continue reconcile and move on to the next StatefulSet. + onFailure: ignore + + # Update StatefulSet scenario + update: + # How many seconds to wait for created/updated StatefulSet to be 'Ready' + timeout: 300 + # How many seconds to wait between checks/polls for created/updated StatefulSet status + pollInterval: 5 + # What to do in case updated StatefulSet is not in 'Ready' after `reconcile.statefulSet.update.timeout` seconds + # Possible options: + # 1. abort - abort the process, do nothing with the problematic StatefulSet, leave it as it is, + # do not try to fix or delete or update it, just abort reconcile cycle. + # Do not proceed to the next StatefulSet(s) and wait for an admin to assist. + # 2. rollback - delete Pod and rollback StatefulSet to previous Generation. + # Pod would be recreated by StatefulSet based on rollback-ed StatefulSet configuration. + # Follow 'abort' path afterwards. + # 3. ignore - ignore an error, pretend nothing happened, continue reconcile and move on to the next StatefulSet. + onFailure: abort + + # Reconcile Host scenario + host: + # Whether the operator during reconcile procedure should wait for a ClickHouse host: + # - to be excluded from a ClickHouse cluster + # - to complete all running queries + # - to be included into a ClickHouse cluster + # respectfully before moving forward + wait: + exclude: true + queries: true + include: false + + ################################################ + ## + ## Annotations management section + ## + ################################################ + annotation: + # Applied when: + # 1. Propagating annotations from the CHI's `metadata.annotations` to child objects' `metadata.annotations`, + # 2. Propagating annotations from the CHI Template's `metadata.annotations` to CHI's `metadata.annotations`, + # Include annotations from the following list: + # Applied only when not empty. Empty list means "include all, no selection" + include: [] + # Exclude annotations from the following list: + exclude: [] + + ################################################ + ## + ## Labels management section + ## + ################################################ + label: + # Applied when: + # 1. Propagating labels from the CHI's `metadata.labels` to child objects' `metadata.labels`, + # 2. Propagating labels from the CHI Template's `metadata.labels` to CHI's `metadata.labels`, + # Include labels from the following list: + # Applied only when not empty. Empty list means "include all, no selection" + include: [] + # Exclude labels from the following list: + # Applied only when not empty. Empty list means "nothing to exclude, no selection" + exclude: [] + # Whether to append *Scope* labels to StatefulSet and Pod. + # Full list of available *scope* labels check in 'labeler.go' + # LabelShardScopeIndex + # LabelReplicaScopeIndex + # LabelCHIScopeIndex + # LabelCHIScopeCycleSize + # LabelCHIScopeCycleIndex + # LabelCHIScopeCycleOffset + # LabelClusterScopeIndex + # LabelClusterScopeCycleSize + # LabelClusterScopeCycleIndex + # LabelClusterScopeCycleOffset + appendScope: "no" + + ################################################ + ## + ## StatefulSet management section + ## + ################################################ + statefulSet: + revisionHistoryLimit: 0 + + ################################################ + ## + ## Pod management section + ## + ################################################ + pod: + # Grace period for Pod termination. + # How many seconds to wait between sending + # SIGTERM and SIGKILL during Pod termination process. + # Increase this number is case of slow shutdown. + terminationGracePeriod: 30 + + ################################################ + ## + ## Log parameters section + ## + ################################################ + logger: + logtostderr: "true" + alsologtostderr: "false" + v: "1" + stderrthreshold: "" + vmodule: "" + log_backtrace_at: "" + +--- +# Template Parameters: +# +# NAME=etc-clickhouse-operator-confd-files +# NAMESPACE=kube-system +# COMMENT= +# +apiVersion: v1 +kind: ConfigMap +metadata: + name: etc-clickhouse-operator-confd-files + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +data: +--- +# Template Parameters: +# +# NAME=etc-clickhouse-operator-configd-files +# NAMESPACE=kube-system +# COMMENT= +# +apiVersion: v1 +kind: ConfigMap +metadata: + name: etc-clickhouse-operator-configd-files + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +data: + 01-clickhouse-01-listen.xml: | + + + + + + + + + :: + 0.0.0.0 + 1 + + + 01-clickhouse-02-logger.xml: | + + + + + + + + + + debug + /var/log/clickhouse-server/clickhouse-server.log + /var/log/clickhouse-server/clickhouse-server.err.log + 1000M + 10 + + 1 + + + + 01-clickhouse-03-query_log.xml: | + + + + + + + + + system + query_log
+ Engine = MergeTree PARTITION BY event_date ORDER BY event_time TTL event_date + interval 30 day + 7500 + + + + + 01-clickhouse-04-part_log.xml: | + + + + + + + + + system + part_log
+ Engine = MergeTree PARTITION BY event_date ORDER BY event_time TTL event_date + interval 30 day + 7500 + + + + 01-clickhouse-05-trace_log.xml: | + + + + + + + + + system + trace_log
+ Engine = MergeTree PARTITION BY event_date ORDER BY event_time TTL event_date + interval 30 day + 7500 + + + +--- +# Template Parameters: +# +# NAME=etc-clickhouse-operator-templatesd-files +# NAMESPACE=kube-system +# COMMENT= +# +apiVersion: v1 +kind: ConfigMap +metadata: + name: etc-clickhouse-operator-templatesd-files + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +data: + 001-templates.json.example: | + { + "apiVersion": "clickhouse.altinity.com/v1", + "kind": "ClickHouseInstallationTemplate", + "metadata": { + "name": "01-default-volumeclaimtemplate" + }, + "spec": { + "templates": { + "volumeClaimTemplates": [ + { + "name": "chi-default-volume-claim-template", + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "2Gi" + } + } + } + } + ], + "podTemplates": [ + { + "name": "chi-default-oneperhost-pod-template", + "distribution": "OnePerHost", + "spec": { + "containers" : [ + { + "name": "clickhouse", + "image": "clickhouse/clickhouse-server:22.3", + "ports": [ + { + "name": "http", + "containerPort": 8123 + }, + { + "name": "client", + "containerPort": 9000 + }, + { + "name": "interserver", + "containerPort": 9009 + } + ] + } + ] + } + } + ] + } + } + } + + default-pod-template.yaml.example: | + apiVersion: "clickhouse.altinity.com/v1" + kind: "ClickHouseInstallationTemplate" + metadata: + name: "default-oneperhost-pod-template" + spec: + templates: + podTemplates: + - name: default-oneperhost-pod-template + distribution: "OnePerHost" + default-storage-template.yaml.example: | + apiVersion: "clickhouse.altinity.com/v1" + kind: "ClickHouseInstallationTemplate" + metadata: + name: "default-storage-template-2Gi" + spec: + templates: + volumeClaimTemplates: + - name: default-storage-template-2Gi + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + + readme: | + Templates in this folder are packaged with an operator and available via 'useTemplate' +--- +# Template Parameters: +# +# NAME=etc-clickhouse-operator-usersd-files +# NAMESPACE=kube-system +# COMMENT= +# +apiVersion: v1 +kind: ConfigMap +metadata: + name: etc-clickhouse-operator-usersd-files + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +data: + 01-clickhouse-operator-profile.xml: | + + + + + + + + + + + + 0 + 1 + 10 + 0 + 0 + + + + + 02-clickhouse-default-profile.xml: | + + + + + + + + + + 2 + 1 + 1000 + 1 + 1 + 1 + nearest_hostname + 0 + + + + +--- +# +# Template parameters available: +# NAMESPACE=kube-system +# COMMENT= +# OPERATOR_VERSION=0.22.2 +# CH_USERNAME_SECRET_PLAIN=clickhouse_operator +# CH_PASSWORD_SECRET_PLAIN=clickhouse_operator_password +# +apiVersion: v1 +kind: Secret +metadata: + name: clickhouse-operator + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +type: Opaque +stringData: + username: clickhouse_operator + password: clickhouse_operator_password +--- +# Template Parameters: +# +# NAMESPACE=kube-system +# COMMENT= +# OPERATOR_IMAGE=altinity/clickhouse-operator:0.22.2 +# OPERATOR_IMAGE_PULL_POLICY=Always +# METRICS_EXPORTER_IMAGE=altinity/metrics-exporter:0.22.2 +# METRICS_EXPORTER_IMAGE_PULL_POLICY=Always +# +# Setup Deployment for clickhouse-operator +# Deployment would be created in kubectl-specified namespace +kind: Deployment +apiVersion: apps/v1 +metadata: + name: clickhouse-operator + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +spec: + replicas: 1 + selector: + matchLabels: + app: clickhouse-operator + template: + metadata: + labels: + app: clickhouse-operator + annotations: + prometheus.io/port: '8888' + prometheus.io/scrape: 'true' + clickhouse-operator-metrics/port: '9999' + clickhouse-operator-metrics/scrape: 'true' + spec: + serviceAccountName: clickhouse-operator + volumes: + - name: etc-clickhouse-operator-folder + configMap: + name: etc-clickhouse-operator-files + - name: etc-clickhouse-operator-confd-folder + configMap: + name: etc-clickhouse-operator-confd-files + - name: etc-clickhouse-operator-configd-folder + configMap: + name: etc-clickhouse-operator-configd-files + - name: etc-clickhouse-operator-templatesd-folder + configMap: + name: etc-clickhouse-operator-templatesd-files + - name: etc-clickhouse-operator-usersd-folder + configMap: + name: etc-clickhouse-operator-usersd-files + containers: + - name: clickhouse-operator + image: altinity/clickhouse-operator:0.22.2 + imagePullPolicy: IfNotPresent + volumeMounts: + - name: etc-clickhouse-operator-folder + mountPath: /etc/clickhouse-operator + - name: etc-clickhouse-operator-confd-folder + mountPath: /etc/clickhouse-operator/conf.d + - name: etc-clickhouse-operator-configd-folder + mountPath: /etc/clickhouse-operator/config.d + - name: etc-clickhouse-operator-templatesd-folder + mountPath: /etc/clickhouse-operator/templates.d + - name: etc-clickhouse-operator-usersd-folder + mountPath: /etc/clickhouse-operator/users.d + env: + # Pod-specific + # spec.nodeName: ip-172-20-52-62.ec2.internal + - name: OPERATOR_POD_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # metadata.name: clickhouse-operator-6f87589dbb-ftcsf + - name: OPERATOR_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + # metadata.namespace: acto-clickhouse + - name: OPERATOR_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # status.podIP: 100.96.3.2 + - name: OPERATOR_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + # spec.serviceAccount: clickhouse-operator + # spec.serviceAccountName: clickhouse-operator + - name: OPERATOR_POD_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + + # Container-specific + - name: OPERATOR_CONTAINER_CPU_REQUEST + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: requests.cpu + - name: OPERATOR_CONTAINER_CPU_LIMIT + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: limits.cpu + - name: OPERATOR_CONTAINER_MEM_REQUEST + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: requests.memory + - name: OPERATOR_CONTAINER_MEM_LIMIT + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: limits.memory + ports: + - containerPort: 9999 + name: metrics + + - name: metrics-exporter + image: altinity/metrics-exporter:0.22.2 + imagePullPolicy: IfNotPresent + volumeMounts: + - name: etc-clickhouse-operator-folder + mountPath: /etc/clickhouse-operator + - name: etc-clickhouse-operator-confd-folder + mountPath: /etc/clickhouse-operator/conf.d + - name: etc-clickhouse-operator-configd-folder + mountPath: /etc/clickhouse-operator/config.d + - name: etc-clickhouse-operator-templatesd-folder + mountPath: /etc/clickhouse-operator/templates.d + - name: etc-clickhouse-operator-usersd-folder + mountPath: /etc/clickhouse-operator/users.d + env: + # Pod-specific + # spec.nodeName: ip-172-20-52-62.ec2.internal + - name: OPERATOR_POD_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # metadata.name: clickhouse-operator-6f87589dbb-ftcsf + - name: OPERATOR_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + # metadata.namespace: acto-clickhouse + - name: OPERATOR_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # status.podIP: 100.96.3.2 + - name: OPERATOR_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + # spec.serviceAccount: clickhouse-operator + # spec.serviceAccountName: clickhouse-operator + - name: OPERATOR_POD_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + + # Container-specific + - name: OPERATOR_CONTAINER_CPU_REQUEST + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: requests.cpu + - name: OPERATOR_CONTAINER_CPU_LIMIT + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: limits.cpu + - name: OPERATOR_CONTAINER_MEM_REQUEST + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: requests.memory + - name: OPERATOR_CONTAINER_MEM_LIMIT + valueFrom: + resourceFieldRef: + containerName: clickhouse-operator + resource: limits.memory + ports: + - containerPort: 8888 + name: metrics +--- +# Template Parameters: +# +# NAMESPACE=kube-system +# COMMENT= +# +# Setup ClusterIP Service to provide monitoring metrics for Prometheus +# Service would be created in kubectl-specified namespace +# In order to get access outside of k8s it should be exposed as: +# kubectl --namespace prometheus port-forward service/prometheus 9090 +# and point browser to localhost:9090 +kind: Service +apiVersion: v1 +metadata: + name: clickhouse-operator-metrics + namespace: acto-clickhouse + labels: + clickhouse.altinity.com/chop: 0.22.2 + app: clickhouse-operator +spec: + ports: + - port: 8888 + name: clickhouse-metrics + - port: 9999 + name: operator-metrics + selector: + app: clickhouse-operator diff --git a/data/clickhouse-operator/zookeeper.yaml b/data/clickhouse-operator/zookeeper.yaml new file mode 100644 index 0000000000..741e7c7a12 --- /dev/null +++ b/data/clickhouse-operator/zookeeper.yaml @@ -0,0 +1,289 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/name: zoo3ns + name: zoo3ns +--- +# Setup Service to provide access to Zookeeper for clients +apiVersion: v1 +kind: Service +metadata: + # DNS would be like zookeeper.zoons + name: zookeeper + labels: + app: zookeeper +spec: + ports: + - port: 2181 + name: client + - port: 7000 + name: prometheus + selector: + app: zookeeper + what: node +--- +# Setup Service to provide access to Zookeeper for clients +apiVersion: v1 +kind: Service +metadata: + # DNS would be like zookeeper.zoons + name: zookeeper + namespace: zoo3ns + labels: + app: zookeeper +spec: + ports: + - port: 2181 + name: client + - port: 7000 + name: prometheus + selector: + app: zookeeper + what: node +--- +# Setup Headless Service for StatefulSet +apiVersion: v1 +kind: Service +metadata: + # DNS would be like zookeeper-0.zookeepers.etc + name: zookeepers + namespace: zoo3ns + labels: + app: zookeeper +spec: + ports: + - port: 2888 + name: server + - port: 3888 + name: leader-election + clusterIP: None + selector: + app: zookeeper + what: node +--- +# Setup max number of unavailable pods in StatefulSet +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: zookeeper-pod-disruption-budget + namespace: zoo3ns +spec: + selector: + matchLabels: + app: zookeeper + maxUnavailable: 1 +--- +# Setup Zookeeper StatefulSet +# Possible params: +# 1. replicas +# 2. memory +# 3. cpu +# 4. storage +# 5. storageClassName +# 6. user to run app +apiVersion: apps/v1 +kind: StatefulSet +metadata: + # nodes would be named as zookeeper-0, zookeeper-1, zookeeper-2 + name: zookeeper + namespace: zoo3ns + labels: + app: zookeeper +spec: + selector: + matchLabels: + app: zookeeper + serviceName: zookeepers + replicas: 3 + updateStrategy: + type: RollingUpdate + podManagementPolicy: OrderedReady + template: + metadata: + labels: + app: zookeeper + what: node + annotations: + prometheus.io/port: '7000' + prometheus.io/scrape: 'true' + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: "app" + operator: In + values: + - zookeeper + # TODO think about multi-AZ EKS + # topologyKey: topology.kubernetes.io/zone + topologyKey: "kubernetes.io/hostname" + containers: + - name: kubernetes-zookeeper + imagePullPolicy: IfNotPresent + image: "docker.io/zookeeper:3.8.1" + resources: + requests: + memory: "512M" + cpu: "1" + limits: + memory: "4Gi" + cpu: "2" + ports: + - containerPort: 2181 + name: client + - containerPort: 2888 + name: server + - containerPort: 3888 + name: leader-election + - containerPort: 7000 + name: prometheus + env: + - name: SERVERS + value: "3" + +# See those links for proper startup settings: +# https://github.com/kow3ns/kubernetes-zookeeper/blob/master/docker/scripts/start-zookeeper +# https://clickhouse.yandex/docs/en/operations/tips/#zookeeper +# https://github.com/ClickHouse/ClickHouse/issues/11781 + command: + - bash + - -x + - -c + - | + HOST=`hostname -s` && + DOMAIN=`hostname -d` && + CLIENT_PORT=2181 && + SERVER_PORT=2888 && + ELECTION_PORT=3888 && + PROMETHEUS_PORT=7000 && + ZOO_DATA_DIR=/var/lib/zookeeper/data && + ZOO_DATA_LOG_DIR=/var/lib/zookeeper/datalog && + { + echo "clientPort=${CLIENT_PORT}" + echo 'tickTime=2000' + echo 'initLimit=300' + echo 'syncLimit=10' + echo 'maxClientCnxns=2000' + echo 'maxTimeToWaitForEpoch=2000' + echo 'maxSessionTimeout=60000000' + echo "dataDir=${ZOO_DATA_DIR}" + echo "dataLogDir=${ZOO_DATA_LOG_DIR}" + echo 'autopurge.snapRetainCount=10' + echo 'autopurge.purgeInterval=1' + echo 'preAllocSize=131072' + echo 'snapCount=3000000' + echo 'leaderServes=yes' + echo 'standaloneEnabled=false' + echo '4lw.commands.whitelist=*' + echo 'metricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider' + echo "metricsProvider.httpPort=${PROMETHEUS_PORT}" + echo "skipACL=true" + echo "fastleader.maxNotificationInterval=10000" + } > /conf/zoo.cfg && + { + echo "zookeeper.root.logger=CONSOLE" + echo "zookeeper.console.threshold=INFO" + echo "log4j.rootLogger=\${zookeeper.root.logger}" + echo "log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender" + echo "log4j.appender.CONSOLE.Threshold=\${zookeeper.console.threshold}" + echo "log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout" + echo "log4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L] - %m%n" + } > /conf/log4j.properties && + echo 'JVMFLAGS="-Xms128M -Xmx4G -XX:ActiveProcessorCount=8 -XX:+AlwaysPreTouch -Djute.maxbuffer=8388608 -XX:MaxGCPauseMillis=50"' > /conf/java.env && + if [[ $HOST =~ (.*)-([0-9]+)$ ]]; then + NAME=${BASH_REMATCH[1]} && + ORD=${BASH_REMATCH[2]}; + else + echo "Failed to parse name and ordinal of Pod" && + exit 1; + fi && + mkdir -pv ${ZOO_DATA_DIR} && + mkdir -pv ${ZOO_DATA_LOG_DIR} && + whoami && + chown -Rv zookeeper "$ZOO_DATA_DIR" "$ZOO_DATA_LOG_DIR" && + export MY_ID=$((ORD+1)) && + echo $MY_ID > $ZOO_DATA_DIR/myid && + for (( i=1; i<=$SERVERS; i++ )); do + echo "server.$i=$NAME-$((i-1)).$DOMAIN:$SERVER_PORT:$ELECTION_PORT" >> /conf/zoo.cfg; + done && + if [[ $SERVERS -eq 1 ]]; then + echo "group.1=1" >> /conf/zoo.cfg; + else + echo "group.1=1:2:3" >> /conf/zoo.cfg; + fi && + for (( i=1; i<=$SERVERS; i++ )); do + WEIGHT=1 + if [[ $i == 1 ]]; then + WEIGHT=10 + fi + echo "weight.$i=$WEIGHT" >> /conf/zoo.cfg; + done && + zkServer.sh start-foreground + readinessProbe: + exec: + command: + - bash + - -c + - ' + IFS=; + MNTR=$(exec 3<>/dev/tcp/127.0.0.1/2181 ; printf "mntr" >&3 ; tee <&3; exec 3<&- ;); + while [[ "$MNTR" == "This ZooKeeper instance is not currently serving requests" ]]; + do + echo "wait mntr works"; + sleep 1; + MNTR=$(exec 3<>/dev/tcp/127.0.0.1/2181 ; printf "mntr" >&3 ; tee <&3; exec 3<&- ;); + done; + STATE=$(echo -e $MNTR | grep zk_server_state | cut -d " " -f 2); + if [[ "$STATE" =~ "leader" ]]; then + echo "check leader state"; + SYNCED_FOLLOWERS=$(echo -e $MNTR | grep zk_synced_followers | awk -F"[[:space:]]+" "{print \$2}" | cut -d "." -f 1); + if [[ "$SYNCED_FOLLOWERS" != "0" ]]; then + ./bin/zkCli.sh ls /; + exit $?; + else + exit 0; + fi; + elif [[ "$STATE" =~ "follower" ]]; then + echo "check follower state"; + PEER_STATE=$(echo -e $MNTR | grep zk_peer_state); + if [[ "$PEER_STATE" =~ "following - broadcast" ]]; then + ./bin/zkCli.sh ls /; + exit $?; + else + exit 1; + fi; + else + exit 1; + fi + ' + initialDelaySeconds: 10 + periodSeconds: 60 + timeoutSeconds: 60 + livenessProbe: + exec: + command: + - bash + - -xc + - 'date && OK=$(exec 3<>/dev/tcp/127.0.0.1/2181 ; printf "ruok" >&3 ; IFS=; tee <&3; exec 3<&- ;); if [[ "$OK" == "imok" ]]; then exit 0; else exit 1; fi' + initialDelaySeconds: 10 + periodSeconds: 30 + timeoutSeconds: 5 + volumeMounts: + - name: datadir-volume + mountPath: /var/lib/zookeeper + # Run as a non-privileged user + securityContext: + runAsUser: 1000 + fsGroup: 1000 + volumeClaimTemplates: + - metadata: + name: datadir-volume + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 25Gi \ No newline at end of file